
(12) INTERNATIONAHiiPPLICATION PUBLISHED UNDER THE PATENT ^JDPERATl ON TREATY (PCT) 

\ 

(19) World Intellectual Property Organization 
Interna tionaJ Bureau 

(43) International Publication Date (10) International Publication Number 

22 February 2001 (22.02.2001) PCT WO 01/13576 A2 




illinium 


nil 


iiiiiiiiiiiiiii 


ii 


mill. 


minimi 


HI 



(51) International Patent Classification 7 : H04L 12/00 

(21) International Application Number: PO7US00/2232 1 

(22) International Filing Date: 15 August 2000 (15.08.2000) 

(25) Filing Language: English 

(26) Publication Language: English 



(30) Priority Data: 

09/375,250 



16 August 1999 (16.08.1999) US 



(71) Applicant: POSTOFFICE.COM, INC. [US/US]; 1699 
Lucca Place, San Jose, CA 95138 (US). 

(72) Inventors: GMUENDER, John; 1699 Lucca Place, 
San Jose, CA 95138 (US). SAVKAR, Sunil; Apartment 
8L, 353 West 56th Street, New York, NY 10019 (US). 
WILLIAMS, Ted; 582 More Avenue, Los Gatos, CA 
95032 (US). 

(74) Agents: RAUBVOGEL, Amir, H. et al.; Fenwick & West 
LLP, Two Palo Alto Square, Palo Alto, CA 94306 (US). 



(81) Designated States (national)'. AE, AL, AM, AT, AU, AZ, 
BA, BB, BG, BR, BY, BZ, CA, CH, CN, CU, CZ, DE, DK, 
EE, ES, FI, GB, GE, GH, GM, HR, HU, ID, IL, IN, IS, JP, 
KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, 
MG, MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU, SD, 
SE, SG, SI, SK, TJ, TM, TR, TT, UA, UG, UZ, VN, YU, 
ZA, ZW. 

(84) Designated States (regional)'. ARIPO patent (GH, GM, 
KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZW), Eurasian 
patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European 
patent (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, 
IT, LU, MC, NL, PT, SE), OAPI patent (BF, BJ, CF, CG, 
CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG). 

Published: 

— Without international search report and to be republished 
upon rece ipt of that report. 

For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations" appearing at the begin- 
ning of each regular issue of the PCT Gazette. 



BEST AVAILABLE COPY 



IT) 



o 



(54) Title: DIGITAL MAIL 

(57) Abstract: Digital Mail (Dmail), the Digital Mai] Network™, and the Digital Mail PostOffice are a combination of systems 
and methods for the electronic transmission, reception, storage, retrieval and display of data allocated to or transmitted from user 
accounts, addressed by other users through a variety of designators. These designators specifically include convenient well-known 
information such as a physical street postal address or a telephone number, from which the invention derives special designators 
called unique identifiers. A unique identifier is a determinate combination of a user's name and a physical address. A set of methods 
and systems provide for the transmission or display of data via different classifications, such classifications allowing for strong user 
control of content An additional set of methods and systems provides for both physical printed delivery of data to any user with or 
without a user account, and for storage, retrieval and display of advertising data with such physical or electronic data based upon 
identifying characteristics of the user including the geographic location of the user. 
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DIGITAL MAIL 



Background 

Field of the Invention 

5 The present invention relates generally to electronic communication systems, and more 

particularly to electronic communication systems that self-authenticate the identity of senders 
and recipients, support multiple modes of addressing, and provide for automatic prioritization 
of received communications. 

Background of the Invention 
10 Today, it is not possible to send electronic data to a recipient addressed by the 

recipient's physical street address. Instead, whenever the physical street address is desired as 
the definition of recipient, the only distribution mechanism equipped to use it is the postal 
service or other physical delivery systems. An item to deliver to a recipient is first provided to 
the postal system at formal post offices, drop boxes, contract stations, or at post office branch 
15 locations. The delivered item is likewise made available to the recipient at post office boxes, 
city boxes, at rural delivery points or directly at ultimate street address destinations. There is 
only a single "addressing mode", namely the "postal address" that defines both the input and 
the output points of the transport channel of the postal handling service, which in most cases is 
a central governmental organization, such as the United States Postal Service. The 
20 organization sets up both the form and some of the substance involved in geographical 

addresses (the "Postal Address") for all entities along with providing the service of delivery. 
Although variations of the postal handling service have appeared, including specialized 
package handling services and overnight package handling services, all such systems rely upon 
the use of a Postal Address for addressing purposes. 

Traditional methods of data transmission using a Postal Address yield several 
advantages. One advantage of the Postal Address is the trust process derived from centralized 
governmental control over issuance of addresses as to the validity of an address matching a 
specific location. Further trust levels and services, including authentication of receipt, 
authentication of the receiver, and so forth, may be provided as for certified mail, or delivery 
systems requiring identification of receiver. Another advantage is the commercial utility of 
the Postal Address for targeting customers in specific geographical regions. A powerful tool 
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of the advertising and marketing industry is the use of Postal Addresses combined with large 
demographic databases to pinpoint potential customers. Reliance on a method of transmission 
based on a geographically determinate location allows for catalogs, brochures, offering print 
material, and the like, to be sent to a target group thus increasing the probability of achieving 
5 or retaining new customers at a lower cost. 

A significant disadvantage to the postal handling service and its variations is a very 
large cost function related to speed of transmission. In order to guarantee quick arrival time, 
costs for transmission of data increase rapidly. A further disadvantage from the commercial 
side is the cost of the paper or materials to be transmitted, which sets limits as to the extent an 
10 advertiser may reach a potential market. 

With the accelerated development of the personal computer (the "PC") and digital 
telecommunications systems, including the Internet, alternate points of entry and exit and 
varied transport systems have appeared. Facsimile transmission and other forms of data 
communication via modem, radio frequency transmission, satellite communication, and 
15 combinations thereof, have grown in use by wide margins in the past fifteen years. As 
acceptance and use of these channels of communication have grown, so too has the 
technological capability of the supporting systems. Additionally, the growth of combined 
channels of communication (or "hybrid channels") has occurred. 

Hybrid mail is one of such hybrid channels. In recent years, the term "hybrid mail" , as 
20 well as the service it denotes, have grown with increased acceptance as the business and 

technical communities have found better and more efficient ways to utilize the mail stream not 
only in the United States, but across the global marketplace as well. With some similarities to 
facsimile transmission, hybrid mail allows a sender to have data transmitted in electronic form 
to an area in close proximity to the recipient for printing and then uses delivery via the local 
25 postal service. Thus, unlike normal facsimile transmission methods which allow the sender to 
use a public telephone number for the electronic transmission of data to the receiver who must 
have a telephone and a facsimile device, hybrid mail makes use of the postal handling service 
at the end point for completing transmission of data to the recipient, so that the recipient need 
not have a facsimile device. 
30 Although hybrid mail and facsimile transmissions have utility in cutting costs and 

times for data transmission, they are fundamentally one-way solutions with neither dynamic 
storage ability nor the ability to transmit data in anything more complicated than paper form. 
That is, once a person receives an item by hybrid mail there is no direct mechanism by which 
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they can respond; nor is there any type of account' set up by which they can automatically 
receive hybrid mail and all other forms of transmission in an integrated fashion. 

In contrast to the traditional postal handling services and hybrid delivery channels, 
electronic mail systems provides a robust method for the transmission, reception, storage, 
5 retrieval and display of data either in local area networks or more widely interconnected via 
the Internet. Such methods rely upon a consistently loose electronic format ("e-mail"), but use 
only a very strict addressing mechanism (the "e-mail address"). Such e-mail systems have the 
capability of rendering data in a variety of formats, for visual display on a screen or in printed 
form, for remote access or locally, for easy duplication and retransmission, for streamlined 
10 detection of receipt methods, very low cost and short time delays. However, current 

implementations of e-mail systems have their limitations, and in particular, cannot use the 
postal address as a descriptor of the intended recipient. 

One limitation of email is that transmission of data via e-mail to a particular end-user 
cannot occur until the end-user has designated an e-mail address to which the data can be 
15 routed. That is, the user cannot receive email until their email address is established by their 
email service provider. Without such an email address, attempted email transmissions by 
others simply fail, with the sender being informed that the "recipient name is not recognized" 
or the like. That is, transmission is either impossible or creates an invalid response in an e-mail 
based system implementation if either an e-mail address has not been previously allocated for 
20 the reception of electronic media, or if the e-mail address designated for transmission does not 
have a corresponding allocated reception point. 

Generally, the method of allocating an e-mail address for the routing of electronic 
media to an end-user can be referred to as "pre-registration" of an e-mail address. Without 
pre-registration of such address, electronic media cannot be transmitted, stored or retrieved by 
25 an end-user of an e-mail system. 

Authentication is another problem with conventional email, referring to the ability to 
"know" the identity of the user. The method of authenticating an end-user related to an e-mail 
address is not a consistently defined process for e-mail based systems. Each local system 
allocating e-mail addresses can use its own approach, or no approach, to authenticate the end- 
30 user of an e-mail address location. Furthermore, such authentication information is not shared 
between loosely connected systems over the Internet (using the Standard Mail Transfer 
Protocol called "SMTP'*), and thus when such end-user is a sender of electronic media, there is 
likewise no complete method of authentication with respect to such sender. That is, the 
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recipient of email over the internet today has no guarantee that the putative "sender" is in fact 
who sent the email message. The e-mail address is a virtual address that does not include 
information obvious to the end-receiver of electronic media to distinguish where the media 
arrives from, or whether the sender's indicated name is at all true. This makes it trivial with 
5 existing email systems to send anonymous email or email that is deliberately misleading as to 
the identity of the actual sender. Often, such email is unwanted and is called "spam", 
indicating a troublesome problem because filters cannot definitively know the true sender. 
This problem of ineffective filters exists at both the sending and receiving end of a 
transmission. Since IP addresses are typically assigned dynamically, they are not a way of 
10 identifying the actual sender connecting to an SMTP server to initiate an email, and since the 
SMTP protocol has no authentication of the sender, the "from" fields can be manipulated at 
will. Another limitation of conventional email systems is that the sender is likewise unable to 
require authentication of the recipient for a particular item of email at the time the recipient 
attempts to read the email. Thus, the sender has now way of knowing that the person who 
15 reviews the email is in fact the intended recipient; simple 'return receipts' provided by 

conventional email systems merely indicate that the email was read but do not authenticate the 
recipient. 

Telephone systems are a ubiquitous form of communication, but other than being the 
infrastructure over which electronic communications often pass, they have no direct 
involvement in how electronic communications are addressed. Specifically, it is not possible 
today to address an email message to a recipient using their telephone number. 

Summary of the Invention 

The present invention addresses the disadvantages of the previously described prior 
methods of data transmission, providing a robust electronic transmission system similar to e- 
mail systems, with the additional and central addressing schemes based on the Postal Address 
used by postal handling services, or a telephone number, with authentication of both the 
receiver and sender insured, automatic pre-registration of a given account addressed via a valid 
Postal Address and methods of automatic generation and transmission of physical printed data 
for delivery in traditional postal handling systems. The present invention further allows for 
classification of data by both the sender and the receiver, such added control a result of the 
strong authentication properties of the system. The classification gives each receiver strong 
control over what they choose to read because they are able to rely upon trusted definitions of 
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the sender and categories. Unwanted e-mail can be relegated to appropriate categories, giving 
each receiver the individual choice as to whether to read or ignore all mail in a category 
without fear of misclassification of mail from authorized senders. 

First, the present invention enables the use of postal addresses as a direct way of 
5 addressing electronic communications. An electronic communication, such as an e-mail 
message, can be sent to a recipient simply by including the recipient's postal address at the 
head of the body of a message sent by ordinary e-mail, or in fields specifically provided in a 
preferred browser interface. Unlike conventional systems, there is no need for the recipient to 
have a previously allocated e-mail address at a receiving system. Instead, the electronic 
10 communication can be delivered to a previously established master e-mail address (e.g., 

"postmaster") at a specified domain (e.g., "postoffice.com" or the like). At the domain, any 
or all available postal addresses have been assigned a digital mailbox associated with the 
recipient's name and postal address. The postal address of the recipient is extracted from the 
communication and used to identify the appropriate digital mailbox into which the 
15 communication is routed. 

One aspect of the invention is that the use of postal address enables rigorous 
authentication of recipients, and enables the sender to send, and the recipient to receive, 
electronic communications to the recipient even before the recipient requests that the digital 
mailbox be activated or registered in his behalf. Rather, the sender's communication is used 
20 as a carrier for incentivizing the recipient to register and thereby authenticate themselves and 
activate their digital mailbox. More particularly, if the recipient has not activated their digital 
mailbox, then the sender's electronic communication may be printed out and combined with 
an authentication code assigned to the recipient. The combined printed communication and 
authentication code is delivered to the recipient at the postal address provided by the sender 
25 using the postal service, so that the authentication code is available only once the 

communication is opened and read. The recipient registers their digital mailbox by providing 
the code back to the system which hosts the digital mailbox. This action authenticates the 
identity of the recipient at the postal address, since by law, in nearly all countries, only the 
specified recipient of a postal item may open the contents of such item. 
30 Thus, one feature of the present invention is the use of the postal address, which are 

regularly maintained and updated, to provide a high level of authentication of electronic 
communication. Once a person has registered their digital mailbox, all communications sent 
from this person are authenticated: when received by others, the recipients have a high level 

5 
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of certainty that the specified sender was in fact the sender of the communication. This ability 
is not available in conventional e-mail systems based on standardized, public e-mail protocols 
(e.g. SMTP, POP, etc.). 

One embodiment of the present invention provides an electronic communication 
5 system for the creation, transmission, reception, storage, retrieval and display of data allocated 
to or transmitted from digital mail accounts ("digital mailbox") . The system maintains a 
digital mail account database which maps one or more unique identifiers to each digital 
mailbox. 

Each unique identifier is a determinate combination of an entityname (e.g. "John 
10 Smith") and a postal address (e.g. "123 Main Street, Anytown, CA, 9431 1, USA"). An 

individual recipient may have multiple different unique identifiers, using combinations of their 
entityname and different postal addresses; for each of these unique identifiers, the user may 
have a separate digital mailbox in the system. Overall, the combination of postal addresses and 
entitynames is a many-to-many relationship with all such combinations possible in the 
15 database system. Each digital mailbox is also assigned a unique account number, which also 
serves as an addressing mode, called the "digital P.O. Box". 

Another aspect of the invention provides unique identifiers which are the combination 
of an entityname and a telephone number; again a user may have multiple such identifiers and 
digital mailboxes for each. 
20 The advantage to the user of having multiple identifiers, some based on postal 

addresses, some based on telephone numbers, some based on digital mailbox account numbers, 
is that the user may receive electronic communications which are addressed to the user by 
various combinations of their name and addresses, telephone numbers, or the like. The system 
automatically extracts the postal address (or telephone) information from a sender's message^ 
25 forms the unique identifiers therefrom and determines from the database the appropriate digital 
mailbox into which the communication should be routed. From there, additional routing may 
occur to any of the other unique identifiers defined for the recipient's digital mailbox; for 
example forwarding to an external email address in another email system. It is not even 
necessary for the user to provide their identifiers to others in order to receive such 
30 communications. The availability of addresses and telephone numbers makes it possible for 
potential senders to directly address an end user with just this information. 

A plurality of unique identifiers can map to a single account, or each of such plurality 
of unique identifiers can map to separate and distinct accounts, or can map into any 
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combination thereof. Mapping of the unique identifiers to the same account can only occur 
after registration and authentication (as described below) of each of such plurality of unique 
identifiers and only if the user which authenticates such unique identifier also has access, as 
verified by a password chosen at registration, to the account to be mapped to. 

Registration of a digital mailbox for a unique identifier may occur in a number of 
different ways: 

(i) transmission of data to a specified user at a postal address (which is a valid 
geographically determinate physical address) that corresponds, using a deterministic method, 
to a unique identifier not yet in the digital mail account database of registered accounts. This 
means that the recipient has not previously registered their digital mailbox and thus a new 
digital mailbox for the combination of the user's entityname and postal address can be pre- 
registered. This mechanism is called "sender-initiated account pre-registration" and can apply 
both to messages sent using ordinary e-mail or through the preferred browser interface, both of 
which allow digital Mail to be accumulated for a recipient. However, the digital post office 
can choose to only send physical print mail in the case of messages sent using the preferred 
browser interface. 

(ii) a new user can request an account by entering both an entityname and a postal 
address (which is a valid geographically determinate physical address) that corresponds, using 
a deterministic method, to a unique identifier not yet in the digital mail account database of 
registered accounts. This mechanism is called "user-initiated account registration" and the user 
can choose whether to request immediate authentication by validation of their identity through 
a trusted database (such as a credit-check) or whether to wait for a passcode to be physically 
sent to them. If the user chooses the latter method, then the account is left in a "pre-registered" 
state until the user receives the passcode and finishes registration. 

(iii) an existing user with a digital mailbox account requests the allocation of a new and 
distinct entityname and postal address (which is a valid geographically determinate physical 
address). This is one way in which the user may obtain multiple digital mailboxes for different 
unique identifiers based on their name and addresses. 

In any of (i), (ii) or (iii) above, the creation of a new unique identifier in the system 
instigates the allocation of an entry in the database system for such unique identifier, but such 
a pre-registered account is not considered registered and authenticated until a user chooses one 
of the authentication methods to prove they really can receive physical mail at the postal 
address specified. The authentication process of a unique identifier is accomplished using 
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verification processes which all have the fundamental concept of checking that a user really 
can receive physical mail addressed using the postal address from which the unique identifier 
is created. The authentication methods include: 

(i) the reception of a physical notice through a postal handling service (e.g. US Postal 
5 Service) sent by the system (preferably, automatically) to the designated user at the postal 

address, and the registration into the digital post office system of a passcode printed in the 
physical notice. 

(ii) validation of the user's name and postal address in an existing trusted database 
containing postal addresses, such as by using a credit check on a supplied credit card number, 

10 the National Address Change Database, or other databases which are reliable sources of postal 
addresses; 

(iii) validation of name and postal address through the use of a pass code found on a 
mailing piece already sent to the user via the postal service (thereby authenticating the 
address), and provided by the user back to the system (thereby authenticating the user at the 

15 address). 

In all methods the authentication is based upon the trust inherited from the ability of 
the physical postal service to deliver physical mail to the user at the postal address included in 
the unique identifier. In the first method the notice contains (i) an indicator of transmission of . 
data to the user (by some other sender) or an attempt by the user to pre-register an account in 

20 the database system, (ii) information to access the database system, and (iii) a pass-code 
necessary to complete the authentication of the unique identifier. Until authentication of a 
unique identifier, access to the database system is limited to the functions provided for digital 
mail accounts with no bound unique identifier, which includes the sending of digital mail to 
others, but such mail is presented as "authentication pending". 

25 Optionally, the registration process may also include specification and validation of 

data for other addressing modes, specifically including a telephone number and e-mail address. 
Each of these additional pieces of data are also subject to authentication. A telephone number 
can be authenticated by having the user call from the specified number and using Caller-ID to 
identify the number is really accessible to the user. An e-mail address is verified by having the 

30 digital post office send e-mail containing a code to the user, and having the user reply to the e- 
mail message. Each of these additional registration steps enable their respective addressing 
modes for the user's digital mail account 
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The invention also includes methods for presentation of digital mail messages to a user 
in definitive categories that are based on the authentication status and type of sender. These 
categories allow a user to choose with confidence which digital mail to prioritize or discard. 
The method is advantageous even relative to actual physical mail because digital mail arrives 
5 sorted directly into the correct categories without effort from the user. The user does not have 
to write any particular filtering or sorting rules as in an e-mail client, as is conventional, in 
order to obtain the pre-sorted mail. The present invention includes a digital mail client 
application with a user interface that is structured to segregate incoming mail into visually 
distinguished grouping based on the type and authentication status of the sender. For example, 
10 the user interface may segregate the display of digital mailbox from business senders, personal 
senders, and/or by whether the sender is authenticated, not authenticated, or authentication 
pending. 

The invention also includes a set of interfacing systems with electronic mail networks 
for the transmission of data to and from the digital post office system. These include: 
15 (i) Outgoing forwarding via e-mail: a method for forwarding of data transmitted to an 

authenticated unique identifier bound to a digital mailbox in the system to an e-mail address 
similarly bound to such digital mailbox. This allows for digital mail which has been 
addressed to the recipient in one mode to be forwarded and received by the recipient via a 
number of modes. For example, the sender may send an electronic communication to the 
20 recipient using the recipient's postal address. From the postal address and recipient name, the 
system determines the unique identifier formed from the name and address, and identifies the 
appropriate digital mailbox. The system then forwards the electronic communication to an e- 
mail address that the recipient has previously provided. Alternatively, the sender could have 
specified the recipient's telephone number, and again the system would create the unique 
25 identifier from the name and number, lookup the recipient's digital mailbox, and the e-mail 
address of the recipient specified therein, and forward the electronic communication 
accordingly. The advantage here is the ultimate destination described by the unique identifier 
has been authenticated and so the sender has assurance that the intended recipient receives the 
electronic communication. 
30 (ii) Outgoing replicating via e-mail: a method that duplicates the transmission of data 

to an authenticated unique identifier bound to an account in the database system, using any of 
the addressing modes, to an e-mail address similarly bound to such account. 
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(iii) Outgoing new messages via e-mail: a method for transmission of data by a user in 
the system to any existing e-mail address; and 

(iv) Automatic sorting of incoming messages: a method for allocation of data received 
from an electronic mail network external to the database system to an account addressed by 

5 any of a variety of addressing modes specified in such transmission, or according to the class 
of sender (e.g. whether the sender is personal sender, a business, etc.). 

The invention also includes a system for the creation of a new message that gets sent to 
a user at a postal address (whether or not such unique identifier has previously been registered 
or authenticated), and simultaneously submitted to a queued database system which generates 

10 a printed form of the data and distributes the printed form to a postal handling service for 

delivery to the user at the postal address specified. This allows a sender to send an electronic 
communication to a recipient who is not yet using the digital mail system, and for the recipient 
to receive the electronic communication in printed form at their postal address. 

The invention also includes a system for the allocation, storage, retrieval and display of 

15 advertisements allocated into different categories in an advertising database system, including 
general, geographical, sponsorship or any combination thereof (i) on the display pages 
accessed by the user of the database system, (ii) in specified allocable portions of the data 
transmitted, received, stored, retrieved and displayed from the database system to the user, and 
(iii) in specified allocable portions of the printed form of the data distributed through a postal 

20 handling service. 

The invention also includes a system for the authentication of data transmissions 
throughout the network and database system, including authentication of transmissions 
between the database system elements and authentication of transmissions as sent and received 
between users. The authentication of the transmissions is accomplished through a new Digital ; 

25 Mail Transfer Protocol which does not allow anonymous or unproven sender identities. 

Instead, all data transmitted throughout the database system is authenticated by the inclusion 
of cryptographic digital certificates, whose validity is based upon an authentication trust 
authority with a root authentication secured in a bank vault and a hierarchy of nodes 
representing different authentication entries for all elements of the Digital Mail Network. The 

30 hierarchical distribution of trust and staged expiration dates of the digital certificates assure 

that security of the authentication is maintained and recovered, even if threatened by malicious 
intents. Users can therefore put trust and confidence in the authentication of each sender and 
in all status information about both senders and receivers. 

10 
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By providing the above features and elements, and as described in more detail below, 
the invention described herein provides the following advantages and distinctions over the 
prior art: 

The present invention provides the ability to send a message electronically using the 
physical street address or telephone number of the recipient. Such messages can be initiated 
from a browser interface (by filling out an online form). Alternatively, a user can initiate such 
a message via an ordinary e-mail composed using a conventional e-mail software product, by 
putting the address as text inside the body of an e-mail message, and sending it to a 
predetermined e-mail address (such as, for example, postmaster@postOffice.com) . The 
present invention receives and parses the e-mail message, and generates the message for 
delivery to the specified address. If a telephone number is provided, the present invention 
consults a database to determine the physical address corresponding to the telephone number. 

The present invention also facilitates automatic updating of e-mail addresses when an 
individual moves or changes jobs, or the like. By contrast with conventional systems, 
whereby if a person moves, e-mail is not automatically forwarded, the present invention uses 
postal address change information submitted to the USPS National Address Change database 
to redirect electronic mail. Address change information triggers re-registration of the new 
physical address and then delivery of paper and digital mail to the person at the new address. 

The present invention provides a mechanism by which a message can be sent 
electronically to a recipient, without requiring that the recipient have taken any prior action 
such as "opening" an account or selecting an address. This provides significant advantages 
over conventional e-mail systems, which commonly rely upon "usernames" that must be 
chosen in advance, and which must be unique within a domain. In addition, such convention 
e-mail addresses must be known to a sender before that sender can initiate electronic 
communication with the recipient. The system of the present invention requires no such prior 
steps, because it can use a postal address or telephone number to identify a recipient, without 
requiring prior assignment of a username. In addition, in one embodiment, the sender's action 
in initiating a communication with a recipient triggers pre-registration of the recipient, and can 
thus facilitate a viral marketing scheme as described below. 

The present invention further provides functionality for "best-effort" or "closest- 
match" addressing. By contrast with conventional electronic addressing methods which 
require an exact (character-by-character) match, the present invention provides heuristics for 
determining a closest match for an input address, and if appropriate prompting the user as to 

11 
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whether the closest match is the intended address. In one embodiment, several close matches 
can be displayed for user selection. In addition, the present invention provides an address 
correction wizard which checks both the validity and uniqueness of an address. If appropriate, 
the system suggests alternative close-matching choices, or requests more distinguishing fields 
5 (such as an apartment number). 

As will be described in more detail below, the present invention facilitates several 
addressing modes. In one such mode, users can identify recipients based on digital mail box 
numbers, which are unique recipient identifiers. In one embodiment, such numbers are 
provided in the same format as credit-card numbers (i.e. 16 digits, broken into four groups of 
10 four digits each). Such digital mail box numbers are cross-indexed to full address information 
for a recipient. A user can send mail to a recipient electronically by specifying the box number 
within the e-mail address (e.g., boxnumber@postoffice.com) . 

Also, the present invention permits price discrimination based on addressing mode. 
For example, a postage price structure can be developed with varying price levels depending 
15 on whether the sender uses the digital mail box number, the postal address, an email, or the 
telephone number of the recipient as the address. This can be used to encourage certain 
addressing modes over other modes. 

Since the present invention provides a mechanism for addressing based on postal 
addresses, authentication of identity is facilitated based upon the recipient's ability to receive a 
20 piece of physical mail at a particular postal street address. Once this authentication has taken 
place, further electronic mail messages to that recipient benefit from the previously obtained 
authentication. In other words, the present invention can guarantee that an entity claiming to 
have a particular street address actually does reside there, since the entity was able to receive a 
code sent to them by physical delivery (which the entity then registered online). Alternatively, 
25 some other authentication method may be used, which inherits knowledge of a past physical 
delivery. 

Authentication based on ability to receive physical mail can also be "piggy-backed" 
onto some physical mail item. Thus, a code for receiver authentication can be printed on some 
other sender's physical mail, thus both saving postage, and potentially gaining customers 
30 through a wider distribution. 

By providing authentication based on ability to receive physical mail, the present 
invention facilitates trusted delivery to a trusted address. In other words, the sender can be 
assured that an electronic message is sent to the recipient whose identity has been proven. 
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In addition, the present invention provides authentication as to the sender's identity. 
In one embodiment, messages from unauthenticated senders are allowed, but are labeled as 
such, and sorted into different categories, without effort by the recipient. This allows the 
recipient to decide whether such unauthenticated messages should even be read, with the 
recipient having to define their own, often unreliable rules for identifying "junk" mail as in 
conventional email systems. 

Sensitive communications can be subject to an additional level of authentication. For 
example, when sending mail using the browser interface, a sender can specify that the recipient 
be required to provide additional authentication information (such as supply mother's maiden 
name, a sender-specific account number, password, or other secret information), prior to 
allowing the message to be read by the recipient. 

Using the present invention, the authentication of an entity with a proven postal 
address can be certified to others by providing an automatic Digital Signature. The present 
invention can provide the Digital Signature for inclusion on other documents or in outgoing 
ordinary e-mail messages, thus providing authentication for any sender or receiver capable of 
reading Digital Signatures. 

The present invention also provides several advantages in the presentation of messages 
and their content. For example, the invention facilitates pre-sorting of received mail into 
categories. Digital Mail is automatically presented in categories, both in the Digital Mail 
browser, and in conventional e-mail readers. When displaying messages in a conventional e- 
mail reader, the invention may adjust subject lines and/or receipt times so as to "trick" the e- 
mail reader into presenting messages in a category-sorted order (e.g., timestamping all 
messages from one particular class of sender 10 years back, another class of sender 20 years 
back and so forth; or prefixing subject lines with sender class designation, such as "Personal," 
"Business," and the like) . Categories are defined by the type and attributes of the sender, 
which are reliable due to the trust in the sender's identity provided by sender authentication. 
Some items, deemed higher priority than others within a given category, can be presented at 
the top of the category list, overriding normal sort methods such as order of arrival. This 
priority designation can be specified, for example, at premium cost to the sender, independent 
of any action by the receiver. 

The present invention provides techniques for blending "transient" electronic 
messages (such as "instant" messages) with "ordinary" e-mail messages in a single mail 
reader. Thus, both types of messages can appear in the same list and format within an e-mail 
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reader, with the transient message disappearing when no longer relevant (such as when the 
sender of an instant message is no longer on-line). 

The present invention provides techniques for authenticating the sender and receiver of 
an instant message. One of the problems with conventional instant messaging, such as AOL 
5 Instant Messenger™, lies in authenticating the sender and receiver, as the public domain 

instant messaging protocol TOC is easily spoofed, with just a userid and an XOR'd password 
for protection. By contrast this present invention allows the authentication of instant 
messaging using the authentication methods provided by the present invention. 

Another advantage of the present invention is the capability of notifying a recipient of 
10 the arrival of electronic mail by any of several means, such as by telephone, fax, physical print 
delivery, and the like. The choice as to notification means can be made independently by both 
the sender and receiver. In conventional messaging services which allow users to, for 
example, receive faxes by e-mail, or to have their e-mail voice-synthesized to them over the 
phone, the notification mode is chosen by only one of either the sender or receiver. By 
15 contrast, the present invention allows both the sender and receiver to independently order extra 
delivery modes for any message. 

The present invention also facilitates insertion of an advertisement, promotion, gift 
certificate, or coupon into printed physical personal mail, leveraging off of the sender's 
judgment about which promotions, etc. would be of interest to the recipient. Conventionally, a 
20 personal mail piece is separate from business or advertising pieces. The present invention 

allows the creation of a single printed mail piece with both the personal message from a sender 
unrelated to the advertising entity, such as a sender personally known to the recipient, as well 
as promotional/incentive material provided by an advertising entity, but selected by the sender. 
The single printed mail piece can be structured so that, after an initial opening, only part pf the 
25 personal message is visible. Thus, the recipient must unfold the piece to see the rest of the 
personal message, thereby revealing the advertisement or coupon. Such printed mail pieces 
may be used both as physical paper greeting cards and as the initial notification method 
following pre-registration of a recipient. By providing a code on the printed mail piece, which 
is then entered by the recipient via an on-line form, registration of a recipient is facilitated. 
30 The present invention also provides a technique for "on-the-fly" mail merge. 

Conventionally, mailing list expansions (called "mail merge"), for both physical and electronic 
mail, must replicate as many copies of the whole message as there are recipients. This is 
particularly costly (in both postage or storage) when many copies must be produced and 
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distributed. The present invention allows storage of a single copy of the base message, and 
personalization at the time of a recipient reading a message, instead of at the time of sending. 

The present invention provides increased security in message transmission by 
employing a secure protocol designated as a Digital Mail Transfer Protocol (DMTP). This 
5 protocol improves on conventional Simple Mail Transfer Protocol (SMTP) by providing 
sender validation, by reference to both the host machine and the sending program. This 
heightens the security of electronic message transmission and decreases the likelihood of 
spoofing or hacking. 

Users can be supplied with free software to run locally as a mail server on their local 
10 machine that enables all transmissions leaving their computer to use the secure DMTP 
protocol. The invention thereby provides users the choice of using mail servers either 
remotely (at a centralized post office) or on their own computer. If they do run the servers on 
their own computer, then the system can be configured so that all mail transmissions leaving 
the security of a user's own hardware use the secure encrypted DMTP protocol over the 
15 Digital Mail Virtual Private Network, and have fully private content and headers. For either 
choice of server, a user also can choose (or continue to use) any mail client (such as Outlook 
Express®, Eudora®, Netscape Messenger®, etc.), and still get the advantages of DMTP. 

The present invention employs a hierarchical claim of trust in order to provide 
assurances that Digital Certificates issued by the invention are reliable and trustworthy. In one 
20 embodiment, the present invention establishes a hierarchical chain of trust rooted in a 
computer stored in a secure bank vault, such as a Swiss bank vault, that can generate 
certificates proving its identity and authorization. The digital mail network uses the hierarchy 
of certificates to provide secure trust for all transmissions and mail delivery. This trust 
hierarchy is then used to verify host identities instead of relying upon the Internet's DNS 
25 (Domain Name Servers). This not only secures the transmissions, but also verifies that the 
computers making the transmissions are not imposters. The invention can thus use the 
hardware infrastructure of the internet by creating a virtual private network with encrypted 
transmissions between hosts by doing its own authentication of the identity of those hosts. 

The present invention further encompasses: the combinations of hardware and software 
30 systems that enable the forgoing processes with their various features and benefits; the 
software products that execute on conventional hardware to provide the above describe 
functionality; the user interfaces of the digital mail client applications that allow senders and 
recipients to manage digital mail accounts; the business methods for customer acquisition and 
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revenue generation which utilize the various processes of the digital mail network, along with 
the business methods related to the operation of a digital mail network; the physical mail 
pieces that include postal information of recipients and authentication or passcodes for 
authentication of a recipient's postal address; and the physical mail pieces such as greeting 
5 cards and the like that combine personal messages of a sender with coupons, advertisements, 
or promotions, etc. of an advertiser selected by the sender. 

Brief Description of the Drawings 

FIG. 1 is a block diagram overview of one embodiment of the database system and 
network of the present invention. 
10 FIG. 2 is a block diagram of the scalable system of computers that make up the 

backbone of the Digital Mail PostOffice embodiment of the present invention. 

FIG. 3 is a block diagram of the software processes that form the remote server side of 
the Digital Mail Network, and run physically on the computers of the Digital Mail PostOffice. 
FIG. 4 is a block diagram of the software processes that form the local server side of 
15 the Digital Mail Network, and run physically on the computers of a user . 

FIG. 5 is a block diagram of the software processes that form the local client side of the 
Digital Mail Network, and run physically on the computers of a user . 

FIG. 6 is an illustration of the type of folded physical mail that can be sent to notify 
entities that they have received Dmail waiting for them, and to enable them to activate their 
20 accounts. 

FIG. 7 is a block diagram depicting a prior art addressing system for message 
transmission. 

FIG. 8 is a block diagram depicting a unified addressing system for electronic 
messages, according to the present invention. 
25 FIG. 9 is a block diagram depicting sender-initiated account creation according to the 

present invention. 

FIG. 10 is a block diagram depicting user-initiated account creation according to the 
present invention. 

FIG. 1 1 is a flowchart showing a method of registration, including authentication of 
30 postal address, telephone number, and e-mail address, according to the present invention. 

FIG. 12 is a flowchart showing a method of user-initiated address checking including 
potential new account pre-registration, according to the present invention. 
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FIG. 13 is a flowchart showing a method of sender-initiated digital mail including 
potential new account pre-registration, according to the present invention. 

FIG. 14 is a screen shot of a sign-up screen according to one embodiment of the 
present invention. 

FIG. 15 is a screen shot of a screen for collection of additional registration information 
according to one embodiment of the present invention. 

FIG. 16 is a screen shot of a mailbox screen according to one embodiment of the 
present invention, showing sorting by category and prioritizing of mail items. 

FIG. 17 is a screen shot of a message display screen according to one embodiment of 
the present invention, including an electronic message addressed by a physical postal address. 

FIG. 1 8 is a screen shot of a screen for composing a letter according to one 
embodiment of the present invention, including a variety of addressing modes and address 
verification features. 

FIG. 19 is a screen shot of a greeting card composition screen showing greeting card 
type selection, according to one embodiment of the present invention. 

FIG. 20 is a screen shot of a greeting card composition screen showing greeting card 
selection, according to one embodiment of the present invention. 

FIG/21 is a screen shot of a greeting card composition screen showing message input, 
according to one embodiment of the present invention. 

FIG. 22 is a screen shot of a greeting card composition screen showing greeting card 
addressing, according to one embodiment of the present invention. 

FIG. 23 is a screen shot of a greeting card composition screen showing gift certificate 
selection, according to one embodiment of the present invention. 

FIG. 24 shows a greeting card including a personalized message, gift certificate, and 
registration code, according to one embodiment of the present invention. 

FIG. 25 is a screen shot of an add contact screen according to one embodiment of the 
present invention. 

FIG. 26 is a screen shot of an options screen according to one embodiment of the 
present invention. 

FIG. 27 is a screen shot of an address verification screen according to one embodiment 
of the present invention. 

FIG. 28 is a conceptual diagram showing a comparison of digital mail with postal mail 
and e-mail. 
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DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

General Definitions 

Unless otherwise defined herein, all terms which are commonly used in the computer, 
marketing, and Internet communities shall have the meanings commonly given such terms in 
5 such communities. The following definitions are provided for illustrative purposes only, and 
are not intended to limit the scope of the invention as claimed herein. 

Advertiser : an Entity which provides or intends to provide an Advertisement. In 
one embodiment, Advertisers sign up to provide Advertisements, as described in more 
detail below. 

10 Advertisement : an advertising communication to be delivered to one or more 

Users. Advertisements may be delivered, for example, to (i) a User viewing content on the 
Digital Mail Network or (ii) an Entity who is in receipt of Print Digital Mail. Other 
delivery methods may also be used, as will be recognized by one skilled in the art. 
Advertisements may include, for example, any of a General Advertisement, Geographical 

15 Advertisement or Sponsorship Advertisement, or any combination thereof. 

Pre-Re gi stration : initiation of a Unique identifier. In one embodiment, this is 
performed by a) transmitting data to a Unique Identifier which has not been previously 
allocated in the Digital Mail PostOffice database, causing an allocation in the Digital Mail 
PostOffice database of such Unique Identifier for reference and the start of the 
Authentication process; or b) an Entity attempting to access the Digital Mail Network and 
entering a Postal Address to activate a new Unique Identifier; or c) a User requesting pre- 
registration using a new Entity name or new Postal Address. In one embodiment, the Pre- 
registration also starts the Timeout Period for the Unique Identifier. 

Account : means by which the invention recognizes a User. In one embodiment, 
"Account" refers to a virtual allocation of a Digital P.O. Box with at least one Unique 
Identifier. A User can access the Account to create, transmit, receive, store and retrieve 
Digital Mail. 

Digital Mail or Drnail : a communication that can be transmitted, received, stored, 
or retrieved by a User. In one embodiment, such communications are associated with a 
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Digital Mail PostOffice. As will be recognized by one skilled in the art, Digital Mail can 
exist in any format, medium, or protocol, including for example any MIME or S/MIME 
format, digital postcards, greeting cards, letters, documents, brochures, catalogs, and the 
like. 

5 Digital P.O. Box: a virtual holding location, for example in the Digital Mail 

PostOffice. In one embodiment, a Digital P.O. Box is identified with respect to a User and 
an Account by a n-digit number written as a string of digits and spaces. For example, the 
account number may be a 16 digit number formatted like credit card numbers: "0123 4567 
891 2 3456". Formatting like a credit card number has the advantage that it instills in users 
a sense that the number is important and confidential, thereby further enhancing the care 
with which users treat their account numbers. One skilled in the art will recognize that any 
other format for the Digital P.O. Box may also be used. The association between a Digital 
P.O. Box and an Entity is defined, in one embodiment, by the database stored at the Digital 
Mail PostOffice. 

Digital Mail Network : a combination of interconnected components that enable the 
functionality of the present invention, including, for example, the Digital Mail PostOffice, 
the Digital Mail Virtual Private Network, the trust authority hierarchy, and the client/server 
processes used for exchange of Digital Mail. 

Digital Mail Virtual Private Network : a Virtual Private Network, as is known in 
the art. This may be implemented, for example, as an encryption-secured environment for 
communication across the Internet. 

Digital Mail PostOffice : an infrastructure, including hardware and software 
elements, for implementing the functionality of the present invention, including for 
example a database system, interfaces to a Digital Mail Network Virtual Private Network 
and alternate email networks, generation of physical printed mail, and advertising database 
and control. In one embodiment, computers associated with Users and Entities are 
separate from and interact with the Digital Mail PostOffice. 

E-Mail Network : any conventional e-mail network implementation. 
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Entityname : The exact text used to refer to a user, which becomes part of the 
database entry for a unique identifier for that user. The term "entityname" is a precise 
object, whereas the word "user" can refer both to a subject taking an action, as well as 
loosely to its own name. 

5 E/PA: the combination of an entityname with its Postal Address. 

General Advertisement : in one embodiment, this refers to any Advertisement that 
can appear to a User with content or in the advertisement section of physically transformed 
Digital Mail. 

Geographical Advertisement in one embodiment, this refers to an Advertisement 
10 that appears to geographically-selected Users or to receivers of physically transformed 

Digital Mail. 

Postal Address : a geographically determinate address that is associated with a 
location. Typically, Postal Addresses are assigned by a country's centralized postal service 
for the delivery of physical media through a Postal Handling System . 

15 Postal Handling System : any type of service for delivery of physical mail, 

including both government and private postal services, express delivery services, and the 
like. 

Print Dmail : a printed counterpart to Digital Mail. In one embodiment, Print 
Dmail may be generated and mailed from a geographical location to an Entity with a valid 
20 Postal Address. 

Preformat Print Efrnail a transformed counterpart to Digital Mail. In one 
embodiment, Preformat Print Dmail may be forwarded to a print and mailing system to 
convert such data into Print Dmail. 

Physical Notification : hard copy notification. In one embodiment, Physical 
25 Notification is sent upon Pre-registration of an Account. Such notification includes, for 

example, information as to accessing the Digital Mail Network, the use of a passcode to 
allocate an Account for the Entity based upon the Unique Identifier, and the like. 
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Registration : authentication of a Unique Identifier. In one embodiment, this is 
performed upon Pre-registration of the Unique Identifier, and corresponds to the opening 
of a Digital Mail Account. In one embodiment, Registration is performed in response to 
an action taken by a receiver, whereas Pre-registration of an Account may occur in 
response to an action of an unrelated sender. Registration may include, for example: 
sending a Physical Notification to an Entity with a Postal Address; or inheriting proof that 
physical mail can be received using the Unique Identifier. Registration may further 
included the process by which an Entity accesses the Digital Mail Network and supplies 
the information; the database is then updated to reflect the Registration. In one 
embodiment, if Registration of an Activated Unique Identifier is not completed within a 
predetermined period of time, a Timeout occurs, and the Unique Identifier is deactivated 
by removal from the Digital Mail Database. 

Sponsor : an Advertiser. In one embodiment, Sponsors are Advertisers who have 
signed up with the Digital Mail PostOffice to sponsor, for example: (i) specific content on 
the Digital Mail Network, within Digital Mail that is transmitted, or on Physically 
Transformed Digital Mail; (ii) any content on the Digital Mail Network or within Digital 
Mail which is viewed by Users; or (iii) any content on Physically Transformed Digital 
Mail that is sent to a recipient. 

Sponsorship Advertisement : an Advertisement associated with a Sponsor. 

Timeout Period : a predetermined time interval. In one embodiment, if Registration 
of an Activated Unique Identifier is not completed within the Timeout Period, the Unique 
Identifier is deactivated by removal from the Digital Mail Database. 

Unique Identifier: an identifier for a user. In one embodiment, the Unique 
Identifier is created using the combination of the Entity name and the Postal Address. 

User: a person, business, or group capable of having regular postal mail or other 
physical delivery sent to it. 



System Architecture 
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The fundamental objective of the Digital Mail Network is to provide flexibility of 
addressing modes and delivery modes. In contrast to the prior art shown in Figure 7, where 
each addressing mode implies a unique delivery mode, the Digital Mail Network, as shown in 
the overview in Figure 8, allows any addressing mode to result in a message, or notification 
5 for a message, to be delivered using any delivery mode. For example, in the prior art, the 
postal address 601 was only meaningful to the postal delivery service 602, and a telephone 
number 606 was only meaningful to the telephone network 607. It was previously not 
possible to "address" a message using a telephone number 606, and have the message physical 
delivered. The digital Mail Network 100 allows such flexibility. With this invention, it is now 
10 possible to use the postal address 601 as an addressing mode for message that gets delivered 
electronically 605, and likewise it is possible for a message sent to a traditional "email 
address" 604 to trigger physical delivery 602 of a print version 603 of the desired message. 
Likewise, it is possible for a telephone number 606 to be used as the only "address" of the 
recipient, or for electronic messages to trigger notification by telephone 610. 
15 The Digital Mail Network is implement by a system of software processes running on 

scalable arrays of computers. Referring now to FIG. 1, there is shown the top-level 
architecture of one embodiment of the Digital Mail Network 1 00, in accordance with the 
present invention. 

20 Digital Mail Network 

The Digital Mail Network 1 00 provides an operating environment for the present 
invention. In a preferred embodiment, the Digital Mail Network operates as a distributed 
system of networked components. The networked components are coupled together over a 
local area network or wide area network either publicly, such as the public Internet, or 
privately, such as the Digital Mail Virtual Private Network. The Digital Mail network routers, 
which provide interconnection of components on the network, also provide firewall protection 
that conceal internal networks from external networks and enforce secure access between 
components on the Digital Mail Network and the public Internet. The Digital Mail Virtual 
Private Network (DMVPN) provides end users with a way to privately access information on 
over a public network infrastructure such as the Internet . The DMVPN provides privacy 
using tunneling and encryption. In a tunnel, a private point-to-point connection is established 
between endpoints to exchange information. This connection cannot be accessed by other 
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parties. Encryption scrambles the data that is sent between two endpoints such that anyone 
observing the data cannot determine its content. 

Digital Mail Authentication Authority 

In a preferred embodiment there is a central trust authority 113 with multiple zone sub- 
authorities who issue and revoke Digital Certificates. A Digital Certificate is a set of data that 
completely identifies an entity, and is issued by an Authentication Authority only after that 
authority has verified the entity's identity. The Digital Certificates serve to authenticate each 
component in the network and provide for authentic and encrypted sessions between 
components. Digital Certificates are also a form of digital identification used to prove the 
identities of users on nonsecure networks such as the Internet and provide the information 
necessary to conduct private communications and prove the origin of communications. The 
term nonsecure network is used here to refer to a computer network that can be routinely 
accessed by users without the need to obtain access permission. Communications on such a 
network are subject to possible monitoring by unknown users. The potential also exists for 
fraudulent communications in which senders of messages falsely represent themselves. The 
Digital Mail Authentication Authority provides privacy and authentication services ensuring 
that only individuals with whom we want to share the information can understand it, and 
people with whom we share the information are really the individuals chosen to share it. 
Privacy in this context depends upon the ability to prevent anyone except the intended 
recipient from being able to read a message - even though anyone on the network might be 
able to intercept it. Authentication in this context is the verification that the entity with whom 
you are communicating is, in fact, who you think it is - even though you have no direct 
physical means of proof. 

Trust Authority Root and Zone Authorities 

In the preferred embodiment there is a Trust Authority Root 1 1 3 and multiple Zone 
Authorities 1 13z. Within large worldwide networks that are composed of smaller, multiple 
regional units, the need for each unit to manage their own resources is required. Each unit 
must enforce the policies under which approval is granted to requesters to gain access to their 
resources. Providing these units the ability to issue Digital Certificates themselves can be 
accomplished by allowing them to become certifying authorities, each with their own Zone 
Authority server 1 1 3z. Misuse of authority is addressed through use of the Trust Authority 
hierarchy. The hierarchy begins with an ultimate certifying authority called Root 1 13. The 
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Root authority 1 1 3 certifies Zone Authority servers 1 1 3z within the network to enforce 
security and control throughout the entire system. If for some reason a Zone Authority 
mismanages the issuance of certificates, the relevant Zone Authority server certificate can be 
revoked by the Root authority. This effectively invalidates certificates issued by the Zone 
5 Authority without affecting any other certificates issued by the Root Authority. 

Digital Mail PostOffice 

In a preferred embodiment there are one or more central Digital Mail PostOffices 107 
which provide centralized mail storage, mail delivery, mail exchange, account databases, 
account directories and lookup, postal address directories and address correction, digital mail 
10 piece authentication, digital postage accounting, and other mail handling services. The Digital 
Mail PostOffice 107 is coupled via the private Digital PostOffice Virtual Private Network 
Interface 160, and the public Digital PostOffice Internet Interface. In a preferred embodiment 
the Digital Mail PostOffice 107 includes Digital Mail Storage 1 14, Digital Mail Exchangers 
109, Digital Mail Account Databases 115, Digital Mail Directories 1 10, Digital Mail Address 
15 Correction 150, Digital Mailbox Authentication 152, Entity Interface Servers 210, Digital Mail 
Print Servers 111, Digital Mail Print Systems 117, and Digital Mail Advertisement Servers 
112. 

Digital Mail Account Databases 

In a preferred embodiment the Digital Mail Account Databases 115 provide storage for 
account data for a large number of digital mailboxes and include account numbers, account 
identifiers such as name, postal address, telephone number, email, fax number, Digital PO Box 
number, and the like. The databases 1 15 store user ID's, authentication information 
(passwords, digital certificates, and the like) and other identifying data. The database 115 
stores information regarding recently registered and pre-registered accounts. The database 115 
stores financial information associated with the Digital Mail Account including Digital 
Postage account balances and transactional information associated with mail handling and 
payment processing. The database 115 stores a collection of statistics associated with the 
account that are used for many purposes including heuristic algorithms used in mail handling, 
new account registration and other fee based services. The database 1 1 5 also includes user 
choices, preferences, alias lists, buddy lists, family member name lists, news preference lists, 
advertising preference lists, and explicit opt-in advertisement choices, and the like. Appendix 
C shows an example mail account organization for database 115. 
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Digital Mailbox Authentication Servers (DBA) 

In a preferred embodiment the Digital Mailbox Authentication servers 152 provide all 
the authentication services for a Digital PostOffice 107 including the functions for account 
pre-registration, registration, additions, changes, modifications, removals, and the like. The 
5 servers 1 52 also provide mail piece identification services and other authentication services. 
The servers 1 52 are primarily responsible for communicating with Zone Authorities 1 1 3z for 
digital certificate issuance requests and other digital certificate management functions, 
including revoking and the like. In the preferred embodiment the authentication servers can be 
implemented using Sun Microsystems Sparc computers, or any other comparable computer, 
10 using software in addressable memory embodying the authentication server architecture of the 
present invention. 

Digital Mail Storage 

In the preferred embodiment the Digital Mail Storage 1 14 database is composed of 
Mail In-Queue storage, the Mail Out-Queue storage, Undeliverable Mail storage, Individual 

15 Account Mail storage, Business Account Mail storage, Consumer Mail storage, and Broadcast 
Mail Storage. The Individual Mail Storage includes separate storage components Inbox, 
Drafts, Trash, Sent, and other personal folders managed by the user. Each storage component 
has sections for mail classes including Personal, Priority, Financial, Business First Class, 
Business Standard Class, selected Consumer Mail classes, selected Broadcast Mail classes, 

20 selected Email classes, and other specialty mail classes. Separate sections allow for 

management by class which includes separate rules for in-bound delivery, display, out-bound 
sending, notification, sorting, filtering, blocking, opt-in, opt-out, and other mail action rules. 
Appendix D shows an example mail storage organization. Appendix B shows example of one 
mail piece storage format extension to RFC-822 format known in the art. 
25 Digital Mail Exchange Servers 

In the preferred embodiment the Digital Mail Exchange servers 109 provide all 
services for digital mail reception and delivery management. The servers 109 provide the 
execution environment for the Digital MailMan modules. The Digital MailMan modules serve 
as the electronic equivalent of a physical postal mailman and provide for automated Mail 
30 processing and delivery for all mail forms. For each type of mail piece, there are separate 

Digital MailMan modules include Dmail-In procesing modules, Email-In processing modules, 
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Dmail-Out processing modules, Email-Out processing modules, and Undeliverable Processing 
modules. The Digital MailMan modules may run separately or together on a mail exchanger 
server. The modules include all mail processing functions including initiating address lookup, 
address correction, delivery heuristics for weakly matching name and address recipient data, 
5 and the like. The Digital MailMan modules perform address lookup using Digital Mail 
Address Correction 150 services. The Digital MailMan module provides Digital Mail 
Account 115 debit and credit during mail delivery and includes exception processing for 
various financial processing conditions. The Digital MailMan module provides notification 
processing using the the Digital Mail Notification moduel. The Digital Mail Notification 
10 module performs all notification functions including notifications for all mail processing 
actions and exceptions. Notification processing occurs using all possible communication 
mediums including dmail, email, telephone, fax, instant messaging, and the like. In the 
preferred embodiment, the exchanger servers 109 can be implemented using Sun 
Microsystems Sparc computers, or any other comparable computer, using software in 
15 addressable memory embodying the exchanger server architecture of the present invention 
which provides access to a mass storage device 1 14 which stores a database of Dmail. 

Digital Mail Address Correction (DAC) 

In a preferred embodiment the Digital Mail Address Correction servers 1 50 provide 
both deterministic and heuristic address lookup and correction services. The services are 

20 available as Address Correction Wizards operating using the Digital Mail Account databases 
1 15 and a combination of available worldwide postal address databases and postal change-of- 
address databases, including Postal Databases, such as the US Postal Address Database, the 
US Postal Change-of-Address Database, the Canadian Postal Address Database, other country 
Postal Address Databases, and the like. In the preferred embodiment the address correction 

25 servers 1 50 can be implemented using Sun Microsystems Sparc computers, or any other 
comparable computer, using software in addressable memory embodying the address 
correction server architecture of the present invention. 

Digital Mail Directory (DMD) 

In the preferred embodiment the Digital Mail Directory (DMD) servers 110 provide 
30 lookup and search services for various information within the Digital Mail Account storage 
115. The services include lookups for all addressing forms, including postal addresses, 
telephone numbers, digital PO Box numbers, and the like, and lookups for all identification 
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forms, including names, nicknames, aliases, buddy lists, and the like, stored within the Digital 
Mail Account storage 115. In the prefenred embodiment the directory servers 1 10 can be 
implemented using Sun Microsystems Sparc computers, or any other comparable computer, 
using software in addressable memory embodying the directory server architecture of the 
5 present invention which provides access to a mass storage device 115. 

Digital Mail Print Servers (DPS) 

In a preferred embodiment the print servers 1 1 1 are used to create physical mail pieces 
destined for delivery using the physical postal services. The print servers include functions for 
creating physical authentication mail pieces. The physical mail pieces may be combined with 
10 advertisements from the advertisement servers 112. In the preferred embodiment the print 
servers 111 can be implemented using Sun Microsystems Sparc computers, or any other 
comparable computer, using software in addressable memory embodying the print server 
architecture of the present invention which provides access between a mass storage device 1 1 6 
which stores Preformat Print Dmail in a queue, and a print system 117 which accepts such 
15 Preformat Print Dmail, creates Print Dmail, and then forwards such Print Dmail onto a Postal 
Handling Service 118. 

Digital Mail Advertisement Servers (DAS) 

In a preferred embodiment the advertiser servers are used to deliver advertising 
messages with electronic mail pieces and physical postal mail pieces optionally using targeted 
using geo-demographics and other statistical modeling using statistical data stored in the 
Digital Mail Account databases 115. In a preferred embodiment the advertiser servers 1 1 2 
can be implemented using Sun Microsystems Sparc computers, or any other comparable 
computer, using software in addressable memory embodying the advertiser server architecture 
of the present invention which provides access to a mass storage device 1 19 which stores a 
database of data objects representing advertisements. 

Physical Worldwide Paper Postal Service 

There are existing Physical Worldwide Paper Postal Services 1 1 8 that deliver physical 
postal mail to a physical location using the postal address. The Digital Mail PostOffice uses 
the physical postal services to deliver Print Dmail addressed by the postal address. In one 
embodiment, the Digital Mail PostOffice also uses the physical postal services to authenticate 
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a postal address associated with a Digital Mail Account 115. A postal address associated with 
a Digital Mail Account is authenticated by delivering to the account user, using the postal 
services for delivery, an authentication mail piece containing one or more passcodes. When an 
authentication document is delivered to the recipient by the postal services, the passcode(s) on 
5 the document inherit the trust imparted by the postal service's delivery to a trusted postal 
address. The authentication of recipient's identity is facilitated based upon the ability for a 
Digital Mail Account owner (a user) to receive an authentication mail piece at the postal 
address associated with his Digital Mail Account. A Digital Mail Account owner (user) uses 
the passcode(s) to complete the authentication process while logged on to the associated 
10 Digital Mail Account. With the authentication complete, a digital certificate is provided 
which inherits the trust imparted by the physical postal service for delivery to that identity. 
The digital certificate provided is subsequently used by both senders and receivers of 
electronic mail to authenticate sender and receiver identities respectively. 

Remote Entity Servers 

15 In a preferred embodiment there are one or more Remote Entity servers 210 located at 

the Digital Mail PostOffice 107 providing network services 106 to remote clients and which 
translate remote network communication from remote email and web clients, which 
communicate using standard Internet protocols (SMTP, POP, IMAP, HTTP), to the Digital 
Mail Transport Protocol (DMTP) protocol which interfaces to the Digital Mail Virtual Private 

20 Network 108. The entity servers include one or more Digital Mail Web Servers (DWS) 132, 
one or more Digital Mail Email Servers (EMS) 133, one or more Digital Mail Dmail Servers 
(DS) 134, and one or more Digital Mail Merge Servers (DMS) 1 35. In the preferred 
embodiment the entity servers 200 can be implemented using Sun Microsystems Sparc 
computers, or any other comparable computer, using software in addressable memory 

25 embodying the entity server architecture of the present invention. 

Entity Client 

In a preferred embodiment there are one or more entity clients 300 that provide the 
local execution environment for the creation, transmission, reception, storage, retrieval and 
display of data allocated to or transmitted from digital mail accounts ("digital mailbox"). The 
30 entity clients may communicate with the Remote Entity Servers 210 over the public Internet, 
or may be configured to use local Entity Servers 200 communicate using local interprocess 
communication 184. In the preferred embodiment the client systems 101 can be implemented 
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using a IBM personal computer, or any other comparable platforms, including a processor 
operatively coupled to a display, an input device, a network connection, and using software in 
the addressable memory embodying one of several client request architectures of the present 
invention, including a web-browser client 102 (such client being one of any number of off the 
5 shelf or similar web-browser packages such as the Netscape browser, the Microsoft Internet 
Explorer browser, etc.), an e-mail client 103 (such client being one of any number of off the 
shelf or similar SMTP or IMAP based e-mail packages, such as Microsoft Outlook, Eudora, 
etc.), a Dmail client 104, or a Dmail merge client 105. 

Entity Servers 

In a preferred embodiment there are one or more Entity servers 200 providing local 
network services on the client system 101 and which translate local network communication 
from local email and web clients, which communicate using standard Internet protocols 
(SMTP, POP, IMAP, HTTP), to the Digital Mail Transport Protocol (DMTP) protocol which 
interfaces to the Digital Mail Virtual Private Network. The Entity servers 200 also provide 
access to local mail storage, and other local mail handling and management services. In the 
preferred embodiment the client systems 101 can be implemented using a IBM personal 
computer, or any other comparable platforms, including a processor operatively coupled to a 
display, an input device, a network connection, and using software in the addressable memory 
embodying one of several client request architectures of the present invention, including the 
Digital Mail Web Server (DWS) 122, the Digital Mail Email Server (EMS) 123, the Digital 
Mail Dmail Server (DS) 124, and the Digital Mail Merge Server (DMS) 125. 

Entity Client Communication using Entity Server or Remote Entity Server 

The Digital Mail PostOffice 107 is connected either by the Digital Mail Virtual Private 
Network 108 or the public internet to the computers 101 of users, where the term "user" may 
refer either to a personal individual or to a business. Each user is able to choose whether to use 
the encrypted and secure Digital Mail Virtual Private Network 108 by installing local server 
software 200 on his own machine, or by accessing the server processes 210 providing the same 
functions but running on the computers of the central Digital PostOffice 107. In either case, 
the server process 200 or 210 communicate using existing standard protocols to client 
processes 300, but the difference is whether the transmissions on these unencrypted existing 
standard protocols are present on the public internet 106 or only local to the internal 
connections 184 of each users' own machines. The network connections 106 and 108 provide 
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access to the remotely situated Digital Mail PostOffice 107, either by unsecured public internet 
transactions, or by secured transactions over the Digital Mail Virtual Private network 108. 
The unsecured transactions on 106 are from the clients to the remote servers 132, 133, 134, 
135 running at hardware owned by the Digital Mail PostOffice. Or the server processes 122, 
5 123, 124, 125 can be run locally so that all communications leaving the physical computers 
101 at the user site are secure over the Digital Mail Virtual Private Network 108. 

Digital Mail Account Database Detail 

The Digital Mail Post Office 107 includes a digital mail account database 115. This 
database 1 1 5 stores account data for a large number of digital mailboxes. Each digital mailbox 
10 is associated with the name and postal address of a user, and other identifying information, 

such as email address(es), telephone number(s), facsimile number(s), and the like. In addition, 
any number of unique identifiers derived from a combination of the name and postal address 
are also associated with each user's digital mailbox. The database 115 may be a relational or 
object oriented database; either implementation is acceptable. The only significant constraint 
15 is that each digital mailbox can be accessed by various unique identifiers formed from the 
user's name and the other identifying information, one of the postal addresses, telephone 
numbers, or the like. The database 115 stores tables for each name component, and postal 
address component, telephone number, and so forth, and builds various primary and secondary 
keys based on combinations of these components. 

Each digital mailbox is also assigned an account number, which preferably includes a 
strong random number, and may include other verification digits (e.g. check digits). In one 
embodiment the digital mailbox account number is a 1 6 digit number, which may be presented 
for display like conventional credit card numbers, i.e. 4 groups of 4 digits. Users may also 
address electronic communications to other using the recipient's digital mailbox account 
number. 

The digital mail account database 1 1 5 also includes the collection of statistics that are 
available for use both by the Digital Mail PostOffice (in deciding, for example, what digital 
mail to forward by print mail), and for potential fee-based disclosure to senders or advertising 
sponsors. The statistical information, tallied both for pre-registered and registered accounts, 
includes count of: 

How many times a particular unique identifier has been used as a destination address 
by other senders. 
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How many times the digital mail account user has sent mail to recipients that were 
already registered and authenticated. 

How many times the digital mail account user has sent mail to "new" addresses, where 
this sender was caused such destination accounts to be pre-registered for the first time. (In 
5 particular, this last statistic is useful to recognize potential misuse, abuse, or spamming, and 
can be a factor leading to the de-registration of digital mail accounts. 

The digital mail account database 1 1 5 also includes user choices, preferences, alias 
lists, buddy lists, family member name lists, news preference lists, advertising preference lists, 
and explicit opt-in advertisement choices. 
10 In the preferred embodiment the Digital Mail PostOffice can be implemented using 

Sun Microsystems Sparc computers, or any other comparable computer, using software in 
addressable memory embodying one of several server client interface architectures of the 
present invention, including a web-browser server 122, an e-mail server 123, a Dmail server 
124 or a Dmail merger server 125, and in the case of either the web-browser client server 122 
15 or e-mail client server 123, corresponding software in addressable memory embodying one of 
several database interface server architectures of the present invention, including a web 
interface server 142 or an e-mail interface server 143. 

Part of the Digital Mail Network is the internal connection on 108 between the 
interface servers 210 and the exchanger servers 1 09, directory servers 110, print servers 111, 
20 advertiser servers 112, unique identifier generation servers 152 and address correction servers 
150. Alternatively, servers local to the user can communicate on 106 to the Digital Mail 
Virtual Private Network interface which acts as a bridge to the local Digital Mail Network 108 
inside of 107. 

Pre-registration of a Digital Mail Account 

25 A Digital Mail Account is pre-registered for reception of data in one of two ways: (1) a 

potential recipient can directly request opening of a Digital Mail Account, including the 
specification of a unique identifier or (2) a sender can attempt to transmit data to a recipient 
using their name and postal address, or other unique combination of recipient name and 
identifying, authenticatible information. 

30 A, User (recipient) direct pre-registration of a Digital Mail Account 

In the first method, shown in the overview Figure 10 and the more detailed flowchart 
Figure 1 1, a user 620 binds a unique identifier to a digital mail account (i.e. digital mailbox) 
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by accessing the Digital Mail Network and selecting an option to pre-register 621, which will 
create a unique identifier in the digital PostOffice database for transmission and reception of 
postal addressed data. Users would be motivated to request an account as a result of direct 
marketing, seeing promotional material on various web sites, hearing radio advertisements, or 
5 seeing print advertisements. The pre-registration process 621 allows the user a choice 633 of 
address authentication method. Typically, a user may choose physical postal authentication 
634 which will result in a letter 622 being printed and physically sent back to user 620 by a 
postal delivery service. Until an account's unique identifier is actually authenticated and 
registered (described in the next main section) and represented by boxes 616 and 617, 
10 messages sent from the digital mailbox are marked as being from a sender with 

"Authentication pending". When the user does receive the verification card 622, then the user 
can continue with the flow in Figure 11, visiting the web site and typing in the passcode on the 
verification card, and then re-entering 629 his Entityname and chosen password 630, and 
continuing with the registration process. The confirming of the physical receipt of the 
15 passcode 622 sent to the user verifies that the user was able to receive physical mail at the 

specified address, and so the digital PostOffice authenticates 617 the identity of the user in his 
future outgoing messages. Alternatively, if a user has received a "quickcode" card 635 already 
sent to him by another sender, the user can register immediately, without incurring an extra 
postal delay in waiting for card 622 to be delivered. 

After the fundamental postal address authentication, it is optionally possible for the 
user to choose 640 to register and authenticate 641 his telephone number or choose 642 to 
register and authenticate 643 his ordinary external email address. 

Describing now the hardware and software used for these steps of pre-registration and 
registration, in the preferred embodiment, a user, such as user A 131, accesses the system 100 
through a web browser client 102, and is provided with an option to activate a digital mailbox 
with new unique identifier to be bound to the digital mailbox. Selecting such option transmits 
the activate unique identifier request option across the network connections 106 and 108 to 
processes 122/132, which respond with a form page with fields for the entering of the new 
entityname ("E") and postal address ("PA") (such fields together referred to as the "E/PA"). 
UserA 131 interactively enters the fields of information used to identify themselves and their 
postal address plus any other optional information (e.g. telephone number, cell phone number, 
and so forth). 



32 



WO 01/13576 



PCT/US00/22321 



As will be described in the next section on the "Validation of a Postal Address", the 
server 122/132 does a preliminary check on the E/PA to determine whether all appropriate 
fields have been entered, or whether certain information is incomplete or not in appropriate 
form. If such check turns up errors, an Address Correction Wizard is invoked, and a new form 
page is created with the fields and data entered into by the user, indicating which fields are 
incorrect and need to be updated correctly, such page sent over the network connection 106 
and displayed for userA 131 to correct through the web browser client 102. 

With the completion of a preliminary check, the E/PA entered by userA 131 is passed 
off by the web server 122/132 to central authentication processors 152. The software invoking 
the unique identifier search goes through a set of procedures to attempt to heuristically match 
different permutations of the given entityname and ancillary data of the E/PA plus a 
normalized postal address to the already allocated unique identifiers stored in the mass storage 
system 115. That is, the software attempts to determine whether the user has previously 
activated a digital mailbox for this or a similar unique identifier. 

For example, one of the heuristics is to compare the given entityname to a list of 
known "disallowed" entitynames, such as "resident", "occupant", "owner", and to abort pre- 
registration of the digital mail accounts for names that would be not unique enough to expect 
registration. The disallowed entityname heuristics also include checks in a dictionary for the 
case where all of the words in the name are common dictionary entries. For example, 
"Humble President" is disallowed, but "President Swanson" is allowed. 

Figure 12 shows the flowchart of possible conditions and courses of action for potential 
user-initiated account pre-registration. First, the postal address 660 is checked 661 for a match 
in the digital mail account database 1 1 5 to determine whether it has already been registered. If 
there is no match, the new, valid, E/PA is added 666 into the database 1 15 as a new, activated, 
unique identifier therein. An account is established, an account number allocated, and the 
unique identifier, along with the underlying name and postal address information, are 
associated with the digital mailbox. The digital mail PostOffice may, at its discretion and 
through additional heuristics, choose to place further restrictions on this method. For example, 
an additional step can be to check whether the new E/PA exists in some larger set of postal 
address databases obtained from outside the digital PostOffice system (such as mailing lists 
from advertisers or catalog companies) and only allow free pre-registration of names found to 
exist in such mailing lists. If a user requests pre-registration of an E/PA that appears not to 
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exist in any mailing lists accessible to the digital PostOffice, then such pre-registration could 
be enacted only if the user agrees to pay a fee. 

If the postal address 660 matches one in the digital PostOffice database 1 1 5, then the 
entityname is checked 662 for matches to the entityname(s) already registered at the address. 
5 If the address matched but the entityname has no match to the existing names known at that 
postal address, then there is a "conflict" indicating a user may be trying to activate an account 
at the same postal address as has already been activated using a different name. However, it 
may also be valid that multiple individuals with unrelated names may share the same postal 
address (for example, roommates). Accordingly, the action taken is both to proceed with 
10 adding 666 the new request as a new activated unique identifier, but also to send 670 Dmail 
(an electronic communication within the system 100) to the digital mailbox for the pre- 
existing unique identifier. This informs the recipient for that unique identifier of the new pre- 
registration under another name, and gives them instructions that if they believe 671 the new 
pre-registration is incorrect that they can simply reply to the message (or click on a hyperlink), 
15 to direct the Digital Mail PostOffice 107 to deactivate 673 the newer unique identifier, or 
possibly this will require a specific telephone call to a Digital Mail PostOffice customer 
service human operator for additional verification When such a request for de-registration is 
received by the Digital Mail PostOffice, all mail held under the new digital mailbox being de- 
activated is forwarded 672 to the pre-existing unique identifier's digital mailbox. 
20 Another possibility is that the postal address matches one in the existing database, and 

the entityname has a weak match to one of the existing names already known at that postal 
address. A weak match is defined by heuristics including the mapping of nicknames and 
partial names ("Richard" weak matches to "Dick", "Mr." weak matches to "Dr.", "Mr. 
Brown" weak matches to just "Brown", "Joe Brown" weak matches to just "Brown", etc.). In 
25 this case, the entityname specified by the user requesting pre-registration of the account is used 
to update 665 the entityname in the database 115 for that unique identifier and account, and a 
Dmail message is sent to notify and confirm that the name change is intended. 

If the postal address matches one in the database 115, and the entityname has a strong 
exact match to one of the existing names known at that postal address, then there is no need for 
30 creation of a new Digital Mail Account, and like the other cases, the account is just enabled for 
registration. In this case, and the other cases 665 and 666 that completed pre-registration, 
registration is then enabled. If the user does not yet have 667 a passcode or quickcode, then 
this is the point in the flow that triggers the digital PostOffice to print a mail piece addressed to 
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the user's postal address and containing a passcode, and to queue its delivery 622 using 
physical delivery. The user will receive the printed mail piece with passcode, and then provide 
the passcode, along with identifying information back to the digital post office, thereby 
authenticating the user at the postal address. 

B. Sender based pre-registration of the unique identifier for an intended recipient 

In the second pre-registration method, shown in the overview Figure 9 and the more 
detailed flowchart Figure 13, a user 131/620 composes and sends a message to a potentially 
new recipient. The composition of the message includes the specification of the postal address 
either in the fields of the PostOffice client 104,105 software's web forms, or as text at the head 
of an email message that is parsed by servers 204 or 304, or through the use of digital mail 
merge client 105. For example, a message could be sent to digital postmaster (using email 
address postmaster(5)postoffice.com (or other pre-established domain) similar to: 

FROM: joe@anywhere.com 

TO: postmaster(q)postoffice.com 

SUBJECT: Business 



To: 

Bill Bones 
123 Main St. 

Anytown, CA, 92342, USA 

Call me to discuss our plans our new dotcom venture. 
Joe. 



As described below in the section on the "Validation of a Postal Address", the server 
122/132 does a preliminary check 612 on the E/PA (e.g., the combination of "Bill Bones" and 
his postal address) to determine whether all appropriate fields have been entered, or whether 
certain information is incomplete or not in appropriate form. If such check turns up errors, the 
"Address Correction Wizard" is invoked and either a new form page is created with the fields 
and data entered by the user, indicating which fields are incoirect and which need to be 
updated correctly, or if the incoming message was an email message 204/304, then the 
Address Correction Wizard generates a reply email message containing this same information. 
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Continuing in the overview, once the recipient's address is validated, the digital mail 
account is pre-registered 613 if needed, and print mail 614 is potentially generated and sent to 
recipient 615. After the recipient receives the physical mail, they may choose to access the 
digital Mail PostOffice and to use the quickcode on the physical mail to register 61 6 their 
5 account. Users are motivated to register their account both so that they can send authenticated 
617 digital mail 616 to other recipients 619, or to respond to one of the marketing programs, 
such as an offer to have the digital PostOffice send free greeting cards to this 61 1 sender's list 
of recipients. 

Figure 1 3 shows the more detailed flowchart of possible conditions and courses of 
10 action for potential sender-initiated account pre-registration. If the postal address 660 has no 
match in the PostOffice database, then the entityname 663 is compared 664 against list of 
known "disallowed" entitynames, such as "resident", "occupant", "owner". If the entityname 
does match one of the "disallowed" names, then the message is discarded, because sending it 
would lead to too much junk mail. 
15 If the postal address has no match in the PostOffice database, and the entityname is not 

one of the "disallowed" names, then in this case, the new, valid, E/PA is added 666 into the 
Digital PostOffice database as a new, activated, unique identifier, and the message is sent 680 
as Dmail to the new unique identifier. 

If the postal address matches 661 one already existing in the database, and the 
20 entityname matches 664 one of the entitynames on a list of known "disallowed" entitynames, 
such as "resident", "occupant", "owner", then in this case, there is not a creation of a new 
Digital Mail Account, but instead the Dmail message is sent 676 to all of the unique identifiers 
that have the postal address. From the point of view of a sender, Digital Mail has the 
advantage that their message gets automatically replicated and sent to all individuals with 
25 previously activated accounts at a household. 

If the postal address matches 661 one in the existing database, and the entityname is 
not on the disallowed list, then the entityname is compared 675 with the entityname(s) already 
registered at the address. If there is no match to any the existing names known at that postal 
address, then there is a potential "conflict" indicating a user may be trying to activate an 
30 account at the same postal address as has already been activated using a different name. But 
since it may also be valid that multiple individuals with unrelated names may share the same 
postal address (for example, roommates), the action taken is to both to proceed with adding 
666 the new request as a new activated unique identifier, and also to send 670 Dmail to the 
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pre-existing unique identifier, informing them of the new account pre-registration. This mail 
sent to the other names, already registered in combination with the postal address, gives them 
instructions that if they believe 671 the new pre-registration is incorrect that they can simply 
reply to the message (or click on a hyperlink), to direct the Digital Mail PostOffice to 
5 deactivate 673 the newer unique identifier's account. When such a request for de-pre- 

registration is received by the Digital Mail PostOffice, all mail held under the account being 
de-activated is forwarded 672 to the pre-existing unique identifier's digital mailbox account. 

An example of this flow is, if someone sends a message to "Sally Brown" at "123 Main 
St. Anytown, Big City, CA, USA/' and the only pre-existing name at that postal address is 
10 "Jane Brown", at first a new account is created for "Sally Brown", in case she really is a 
distinct person desiring a new digital mail account. But, if Jane replies to the Digital Mail 
PostOffice 107 that a sender just got her name wrong, then the account for "Sally Brown" gets 
deactivated* and the message that had been sent to "Sally Brown" gets forwarded to Jane so 
that it isn't lost. 

15 If the postal address matches 661 one in the database, and when the entityname is 

checked 675 against the names already registered at that address, either a weak or strong match 
is found, then there is no need creation of a new Digital Mail Account, and the Dmail message 
will be sent 680 to the pre-existing unique identifier's account. However, there are also further 
checks done to decide whether to additional print the message, along with a passcode) and 
queue the message for physical delivery 679. If the recipient is already authenticated and 
registered 677, then there is no need for physical delivery because the recipient will be able to 
read the digital Mail 680 sent electronically. If the recipient is not yet registered, then the 
authentication of the sender is checked 678. If the sender is also not yet registered and 
authenticated, then there is print version generated, to cut down on junk mail and misuse of the 
digital Mail PostOffice for generating paper spam. However, if the recipient is not yet 
registered, but the sender is authenticated 678, then there print version is generated 679 and 
delivered to notify the recipient that there is digital Mail 680 available. 

The following discussion describes the software and hardware flows used to implement 
the above actions in sender-based pre-registration. In either case of a Dmail client 104 or a 
Dmail merge client 105, one of the interface systems 107 is allocated to ran the Dmail server 
124 or Dmail merge server 125 corresponding to such client, with communication between the 
server software accomplished over the network connection 1 06. 
1. Dmail client 

37 



WO 01/33576 



PCT/USOO/22321 



In the preferred embodiment, an E/PA and the designated message is transferred from 
the Drnail client 104 to the Dmail server 124. The Dmail client 124 does a preliminary check 
on the E/PA that was entered prior to passing it to the Dmail server 124 to determine whether 
all appropriate fields exist, or whether certain information is incomplete or not in appropriate 
form. If such check turns up errors, an error for such specific E/PA is displayed. 

With the completion of a preliminary check, the E/PA and designated data entered by 
user A 131 is transferred by the Dmail client 104 to the Dmail server 124 over the network 
connection 106. The Dmail server sends a request over the network connection 108 to the 
digital mail directories systems 110. The request passes the E/PA to the digital mail directory 
systems to determine whether it corresponds to an existing unique identifier and to request an 
allocation of a new entry for a unique identifier if the corresponding unique identifier does not 
exist and is valid. The validity check proceeds as was previously described, with such 
procedures for unique identifier checks passing back to the calling routine either the existing 
unique identifier or a null result, and a tag indicating whether the postal address was invalid, 
the E/PA strongly matched against a unique identifier or the E/PA weakly matched against a 
unique identifier. 

In the case of an invalid postal address, the Dmail server 124 passes on an error 
message to the Dmail client 1 04 which then indicates such error result with respect to the 
postal address portion of the E/PA, and the transaction ends. 

In the case of a strong match the Dmail server 124 passes the corresponding unique 
identifier designator plus the data to be stored to one of the exchanger systems 109 which 
instance software for the allocation of the data to the referenced unique identifier in the mass 
storage device 1 14. 

In the case of a weak match, the Dmail server 124 passes back a check request to the 
Dmail client 104 for a request to userA as to whether the weakly matched unique identifier is 
the one that was supposed to be represented by the E/PA (i.e., in a situation that userA sends 
data to a partial address or leaves off an apartment number but still intended the recipient that 
was weakly found to correspond to the E/PA passed). 

If the response from userA through the Dmail client 104* is a negative response, the 
transaction proceeds as indicated in the next paragraph. If the response from userA through 
the Dmail client 1 04 is an affirmative flag, the corresponding unique identifier for the weak 
match, plus the data to be stored, is passed over the network connection 108 to one of the 
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exchanger systems 109 which instance software for the allocation of the data to the referenced 
unique identifier. 

In the case of a weak match where the matched unique identifier is not the unique 
identifier intended by userA, or where a unique identifier does not exist for the valid E/PA 
5 form, a request is sent from the Dmail server 124 to the mail directory systems 110, one of 
such systems running software which allocates a new entry in the mass storage device 1 1 5 
corresponding to the normalized postal address plus entityname and other ancillary data, such 
data together being the unique identifier. Thus, the system creates a new digital mailbox, 
assigns the new unique identifier from the E/PA to this mailbox, and stores the message such 
10 in storage so that it can be accessed by the recipient from the digital mailbox. 

Concurrent with the allocation of the new unique identifier in the mass storage device 
115, the software running on the mail directory system 110 generates a unique pass-code, such 
pass-code to be used by the recipient to authenticate and bind such new unique identifier to the 
recipient's digital mailbox account at a later time. The pass-code is forwarded along with the 
15 unique identifier on the network connection 108 to the print system 111, the print system being 
able to accept such pass-code and unique identifier, and create a physical postal notice card for 
transmission in a postal handling service 1 18 to the postal address portion of the unique 
identifier to the individual named by that portion of the unique identifier, that is, the recipient 
identified by the sender. The use of such postal card is described in detail in the authentication 
20 section below. 

After allocation of the unique identifier by the mail system 1 10, the unique identifier is 
returned to the Ehnail server 1 24, which then passes the corresponding unique identifier 
designator plus the data to be stored to one of the exchanger systems 109 which instance 
software for the allocation of the data to the referenced unique identifier in the mass storage 
25 device 114. This unique identifier does not correspond yet to an account and thus though there 
is storage of data accessed by use of such unique identifier, no account can at that moment 
access such referenced data. 



In the preferred embodiment, a list of E/PAs and the designated data is transferred from 
30 the Dmail merge client 105 to the Dmail merge server 125. The Dmail merge client 105 does 
a preliminary check on each E/PA in the list prior to passing such list to the Dmail merge 
server 125 to determine whether all appropriate fields exist for each E/PA, or whether certain 
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information is incomplete or not in appropriate form. If such check turns up errors, an error 
for such specific E/PA is registered such that a user can take care of updating the erroneous 
E/PA. 

With the completion of a preliminary check, the Dmail merge client transfers both the 
5 E/PA list and the data to be sent to each E/PA to the Dmail merge server 125 over the network 
connection 106. The Dmail merge server then begins an iterative loop through each E/PA in 
the list, and proceeds with the following steps below: 

1 . The server sends a request over the network connection 108 to the digital mail 
directories systems 110. The request passes the E/PA to the digital mail directory systems to 

10 determine by software running on such systems whether it corresponds to an existing unique 
identifier, and to request an allocation of a new entry for a unique identifier if the 
corresponding unique identifier does not exist and is valid. The validity check proceeds as 
was previously described, with such procedures for unique identifier checks passing back to 
the calling routine either the existing unique identifier or a null result, and a tag indicating 

15 whether the postal address was invalid, the E/PA strongly matched against a unique identifier 
or the E/PA weakly matched against a unique identifier. 

2. In the case of an invalid postal address, the Dmail merge server 1 25 passes on an 
error message to the Dmail merge client 104 which then indicates such error result with 
respect to the postal address portion of the specific E/PA, and the iteration for the specific 

20 E/PA ends. 

In the case of a strong match the Dmail merge server 1 25 passes the corresponding 
unique identifier designator plus the data to be stored to one of the exchanger systems 109 
which instances software for the allocation of the data to the referenced unique identifier in the 
mass storage device 114. 

25 In the case of a weak match, the Dmail merge server 125 passes back a check request 

to the Dmail merge client 105 for a request to userA as to whether the weakly matched unique 
identifier is the one that was supposed to be represented by the E/PA (i.e. in a situation that 
userA sends data to a partial address or leaves off an apartment number but still intended the 
recipient that was weakly found to correspond to the E/PA passed). The Dmail merge client 

30 105 can be set to automatically: (i) indicate the weak form should be accepted for 

transmission of the data, (ii) indicate the weak form should not be accepted and thus a new 
unique identifier activated, or (iii) indicate no data should be sent based on the E/PA and send 
feedback to alert userA as to the invalidity of such E/PA. If response (iii), the iteration 
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completes. If response (ii), the transaction proceeds as indicated in the next paragraph. If 
response (i), the corresponding unique identifier for the weak match, plus the data to be stored, 
is passed over the network connection 108 to one of the exchanger systems 109 which instance 
software for the allocation of the data to the referenced unique identifier. 

In the case of a weak match where the matched unique identifier is not the unique 
identifier intended, or where a unique identifier does not exist for the valid E/PA form, a 
request is sent from the Dmail merge server 125 to the mail directory systems 110, one of such 
systems running software which allocates a new entry in the mass storage device 1 1 5 
corresponding to the normalized postal address plus entityname and other ancillary data, such 
data together being the unique identifier. 

Concurrent with the pre-registration of the new unique identifier, the software running 
on the mail directory system 1 10 generates a unique pass-code, to be used by a recipient to 
authenticate and register a new Dmail account. Sender userA can set certain parameters in for 
the Dmail merge client 105 such that the pass-code can be (1) forwarded to a printing system 
for transmission in a postal handling service to postal address and entityname indicated by the 
unique identifier, (2) returned to the digital mail merge client for storage in the list for use by 
userA in presenting such pass-code to the intended recipient through other paper means, such 
as the sender's own mass mailings. 

Registration of a Digital Mail Account 

Registration authenticates a Digital Mail Account by proving that a user really can 
receive physical mail using the given E/PA, which is the combination of its entityname and 
postal address. When a Digital Mailbox Account is activated by direct action of the user, 
following one of the flows in the previous section listed under "User (recipient) direct pre- 
registration of a Digital Mail Account", the user must select which of the registration methods 
in this section is desired. When a Digital Mailbox Account is pre-registered by a different user 
sending Dmail, which results in the creation of a new unique identifier, following one of the 
flows in the previous section listed under "Sender-based pre-registration of the unique 
identifier for an intended recipient", the first process below, the "Postal notification flow" is 
automatically triggered if the sender has completed his authentication. Additionally, the postal 
notification flow may also be triggered even if the senders are anonymous or unauthenticated 
if the Digital Mail PostOffice determines there is over a certain threshold number of messages 
already sent to a particular unique identifier, strongly suggesting that the unique identifier is 
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valid. The Postal Notification flow instructs the Digital Mail Print Servers 108 to print 
physical mail 622 that gets delivered to an user using a Physical Delivery service, and upon 
receipt the user then can access 629 the Digital Mail Network online. 

In either case (of registration happening at the same time as pre-registration, or after 
5 Physical Notification), the user begins by using their computer and web-browser interface 102 
to access the Digital Mail Network 107. The request for registration is transferred across the 
network 106 from the web browser client 102, and the web server 122 transmits back to the 
web browser client 102 an html page fields for the entering of an actual entityname for the 
user, a field for the entering of a unique account name, and the selection of an account-access 

10 password. Once the user enters the information in such fields for transfer back to the web 
server 122, the web server 122 passes such information through the web interface server 142 
for lookup by software instanced on one of the digital mail directories 110 which determine 
whether such account name is unique or already exists. 

In the preferred embodiment, once the software running on the directory systems 110 

15 determines the unique nature and allocates on the mass storage device 1 15 an entry for the 
newly registered account, a separate software procedure on the directory system 1 10 is 
instanced for the creation and allocation on the mass storage system 1 1 5 of a unique account 
identifier called the digital post office box number. In one embodiment, as mentioned above, 
the account number is 16 digits. Such digital post office box number has the same 

20 characteristics as a poist office box number used by postal handling services such as the U.S. 
Postal Service. The account number is bound to the newly created digital mailbox account, 
such that the digital post office box number provides an alternate mechanism for entering into 
the database system or for users inside or outside the system to send authenticated or 
unauthenticated data transmissions to the user. Such digital post office box number is passed 

25 along with the acknowledgment of the new account creation to the web server 122 for the 

creation of dynamic code translated into the acceptance display page on the web browser client 
1 02 to the end user. 

Each registration authentication process, when completed, allows the user to proceed to 
send and, if not already activated, receive postal addressed data, with transmissions tagged 
30 with the specific type of authentication that has been used (thus allowing the receiver of such 
data to know the level of authentication for the sending user). In fact, as is indicated later on, 
such tags can be used for filtering of the different types of transmissions received by a user in 
the database system. 
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In the preferred method for authentication, userA 131 accessing the database system on 
a client system 101 running a web browser client 102 is given an option to authenticate a 
unique identifier. Such option is presented on a display page transferred from a web server 
122 activated for such client session. Selection of the authentication option transmits a request 
to the web server 122 over network connection 106 and data representing the list of 
authentication options is returned over network connection 106 for display by the web browser 
client 102. Such options include the three preferred options of 1) postal notice authorization, 2) 
quick-code authorization, and 3) credit card authorization, as well as other methods of sub- 
authentication or weak authentication, all of which seek to inherit the proof that physical 
delivery to the unique identifier(s) bound to the Digital Mail Account reach the same user as 
has registered the account. 
A. Postal notification flow 

When a user requests postal notification authorization through the web browser client 
102, the web server 122 provides a passcode verification form for display by the web browser 
client 102 to userA 131. The user enters the pass-code that has been previously sent on the 
postal notification card sent through the postal handling service to userA. The postal 
notification card is initially sent due to pre-registration of a unique identifier as previously 
described. userA 131 enters a pass-code off of such postal notification card, which is then 
transmitted from the web browser client 102 to the web server 102. The web server passes the 
pass-code through the web interface server 142 to the mail directory system 110. 

The mail directory system 110 attempts to correlate the passcode with a unique 
identifier stored previously allocated. If a match occurs, the unique identifier is returned by 
the mail directory system 1 10 through the web server interface 142 to the web server 122. The 
web server 1 22 serves a confirmation page containing the unique identifier to the web browser 
client 102. The confirmation page asks the user to confirm that the unique identifier and its 
name and postal address is to be bound to the digital mailbox of userA 131. If userA 1 3 1 
confirms the unique identifier, web server 122 passes the unique identifier, the account data 
and a tag indicating authentication via postal notification through web interface server 142 to 
the mail directory system 1 10. The mail directory system 115 binds the unique identifier to 
the given account and authenticates the unique identifier such that transmissions may be sent 
using such unique identifier. A confirmation tag is passed back from the mail directory system 
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115 to the web server 122 which is then displayed to userA 131 through the web browser 
client 102 to confirm completion of the authentication for the given unique identifier. 

Thus, this process authenticates the recipient because it relies on the accuracy of the 
postal database to ensure that the recipient is the person to receives the code, and hence when 
5 the code is given back, and it is known that the recipient is indeed the person who is listed in 
the postal databases. 
B. Quickcode flow 

Another authorization method is by "piggybacking" a printed code on some other piece 
of mail 635 that the recipient would be receiving anyway. This method is typically used where 
the digital Mail PostOffice has entered into business agreements with senders of merchandise 
catalogs, other mass mailings, or specifically with bill sending agencies such as credit card 
issuers. On any of these types of mailings, a pass code, as above may be printed, along with 
instructions to the recipient as to how the register. In this particular case the passcode is called 
a "quickcode" to reinforce the concept that it enables instant registration. This is in contrast to 
"Postal Notification flow" above, where a user needed to first pre-register, and then wait to 
receive physical delivery of a passcode. With the quickcode flow, there is no initial 
transmission of a electronic communication from some sender to the recipient. Instead, the 
recipient can activate their digital mailbox account directly as a result of receiving the mass 
massing, but in doing so automatically authenticates their identity. This automatic self- 
identification feature is not currently done with conventional mass mailing "free signups" such 
as America Online's method of sending out offers for free limited time service on their 
network. 

When a user requests quick-code 635 authentication through the web browser client 
102, the web server 122 creates data representing a form for display in the web browser client 
102 for userA 131 to enter the quick-code that has been previously sent on any of a number of 
different types of mailings through the postal handling system from a user which has used the 
digital mail merge method for sending data and activating accounts. 

As one example, a catalog company may use the digital mail merge method to its 
catalog to a large mailing list of its customers, perhaps hundreds of thousands of recipients. 
Each recipient has been assigned a unique passcode; in the database 115 one or more unique 
identifiers have been previously allocated for each of these recipients (based on their names 
and postal addresses) and stored along with their passcodes. The passcode is printed 
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somewhere on the catalog, preferably with instructions for its use, including a URJL to a web 
site hosted by the system 107. 

Assume that userA 131 is the recipient of mailing such as this one (which need not 
even be a mass mailing). The user accesses the system 107, and enters the pass-code off of 
5 such mailing, which is then transmitted through the web browser client 102 to the web server 
102. The web server passes such pass-code through the web interface server 142 to the mail 
directory system 1 1 0 which attempts to correlate such pass-code with a unique identifier stored 
in database 1 15If a match occurs, the unique identifier is returned by the mail directory system 
1 10 through the web server interface 142 to the web server 122. The web server 122 creates 
10 data for display through the web browser client 1 02 representing a query for confirmation that 
the given unique identifier is to be bound to the account of userA 131. If userA 131 
affirmatively indicates acceptance of the unique identifier, web server 122 passes the unique 
identifier, the account data and a tag indicating authentication via quick-code through web 
interface server 142 to the mail directory system 110. The mail directory system 1 15 binds the 
15 unique identifier to the given account and authenticates the unique identifier such that 

transmissions may be sent using such unique identifier. A confirmation tag is passed back 
from the mail directory system 115 to the web server 1 22 which is then displayed to userA 
131 through the web browser client 102 to confirm completion of the authentication for the 
given unique identifier. 

20 In an alternative to the preferred method for generation and use of quick-codes, an 

option in the digital mail merge software used over the direct mail merge client 105 allows for 
E/PA lists to be sent in along with a specific quick-code for each E/PA entry already 
designated by the mail merge user. Such quick-code can be a catalog user number that is 
previously generated by the cataloger, or such other number as may already be used by direct 

25 mail companies or bill presentment companies (e.g. user's account number with a store, utility, 
financial institution, etc.) or any other similar type of user which may have their own set of 
codes to use for authentication of unique identifiers activated in the system. In the preferred 
style, the quick-code would be a special designator previously established for the direct mail or 
similar user, such that quick-codes passed in by such user would be unique from all other 
30 quick-codes generated either internally to the database system or externally by other entities 
using such method on the direct mail merge client 105. In the case of generation of quick- 
codes by the direct mail merge client 105, such information is passed along with the E/PA to 
the direct mail server 125 which passes the final unique identifier as previously described for 
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storage in the database system along with the quick-code to be stored along with such unique 
identifier. Note that such method is different from the normal scenario where a pass-code 
would be generated for such passed unique identifier and then returned through the direct mail 
server 124 to the direct mail client 104 for use by the user of such client in future mailings to 
the user corresponding to the E/PA. 
C. Credit Card flow 634 

The credit card flow has the same objective as the passcode and quickcode flows, 
namely, verifying that a user is able to receive physical mail addressed using a particular 
E/PA, thus proving the user's identity and his "right" to register that E/PA. The difference is 
that the credit card flow, and all the other subsequent methods that rely on other trusted 
databases, are seeking to verify that the user previously received some piece of mail (such as a 
credit-card bill, utility bill, etc.) addressed to the E/PA, instead of a mail piece newly generated 
by the digital PostOffice. 

When a user chooses 633 credit card authorization through the web browser client 102, 
the web server 122 queries through the web interface server 142 for unauthenticated unique 
identifiers currently bound to the account through which the user is accessing the system 107. 
The request forwarded across the network connection 108 to the digital mail directory system 
1 10 results in a return to the web interface server 142 of a list of unauthenticated unique 
identifiers. Such list is forwarded to the web server 122 which in turn creates data 
representing the list of such unauthenticated unique identifiers currently bound to the account, 
with a form to allow for the tagging of one or more the such unique identifiers. The data 
created by the web server 122 also includes form locations for the entering of credit card 
information along with such additional necessary data as is used for validation of the credit 
card for such transaction. Such data is forwarded for display through the web browser client 
102 touserA 131. 

UserA 131 selects one or more of the unique identifiers displayed, along with selecting 
and entering information pertaining to one or more enabled credit cards in the system, and 
transmits such data through the web browser client 102 to the web server 122. 

For each unique identifier selected by userA 131, the web server starts a separate 
procedure to check the unique identifier for correspondence with information to be returned 
from a valid credit card check. Credit card information is forwarded over the web interface 
server 142 through network connection 108 to a portal allowing access to the specific credit 
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card database indicated. Data returned from the portal to the web interface server is passed to 
the web server procedure, such data indicating whether the credit card is valid, whether 
confirmation data forwarded along with the credit card number indicates userA 131 is the valid 
holder of such credit card, along with postal address and name information to use for 
5 authenticating the unique identifiers selected. If the credit card is indicated as invalid, the web 
server sends a page to the web browser client 102 indicating the invalidity of the credit card. 
If a valid credit card, the information concerning the postal address on the card is sent through 
a procedural correction which makes use of part of the match mechanism for unique 
identifiers, thus creating a normalized postal address. The name and normalized postal address 
10 are then compared against the unique identifier and if a match occurs, such unique identifier is 
transmitted along with a tag indicating authentication of such unique identifier through the 
web server interface 142 on network connection 108 to the mail directory system 1 10 where 
the unique identifier is tagged as authenticated via credit card (note there is no need to bind 
such unique identifier to the account since such binding already has previously occurred). 
15 In one variation of the preferred embodiment, the check routine used by the web server 

122 to match the credit card name and address against each unique identifier uses a weak 
method which allows, as an example, for the unique identifier representing "John D. Smith" 
and "John Smith" to match against a credit card name "John D. Smith" thus authenticating 
both such unique identifiers if the postal address portion of such unique identifier matches. 
Other variations of the weaker matching form may be implemented to allow a credit card to be 
used for matching against unique identifiers that do not perfectly match against the credit card 
information returned. 

D. Sub-authentication 640 of telephone number 

In addition to the primary authentication of the E/PA, each digital mail account may 
optionally have an authenticated telephone number. This telephone number may be used both 
as a method of addressing by another sender, and as an additional piece of authenticated data 
that a digital mailbox account owner can supply. Telephone numbers are authenticated by the 
following process: 

In setting up a Dmail account, a user choosing to authenticate their telephone number 
will supply it to the Dmail server. 
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The user is asked to call a specific telephone number (e.g. a toll free number) from the 
telephone number they want to authenticate and to key in their 16-digital mailbox account 
number via the touchtone pad. 

The Dmail server uses CallerlD (more generally AN1, automatic number identification) 
5 to verify that the telephone number used to make the call matches the one requested for 
authentication. 

The Dmail server marks the Dmail Directory database to verify that the telephone 
number has been authenticated to be accessible to the user. 
E. Sub-authentication 642 of email address 

10 In addition to the primary authentication of the E/PA, each digital mail account may 

optionally have one or more authenticated email addresses. The email address may be used 
both as a method of addressing by another sender, and as an additional piece of authenticated 
data that a Dmail account owner can supply. An email address is authenticated by the 
following process: 

15 In setting up a digital mailbox account, a user choosing to authenticate their email 

address will supply it to the Dmail server. The server provides a code to the user. 

The user is sent a message to the email address they provided; the message is sent 
containing a containing a second code. 

The user sends email containing the first code, as well as a copy of the email message 
20 that contained the second code. This verifies both that the user received the email containing 
the second code, and that they personally added the first code received from the server. Note 
that merely looking for an email response alone might be insufficient because automatic email 
reflection (including email mailer delivery errors) might include a copy of the sent email and 
would not correctly indicate that the user had actually received and acted on the email. 
25 The Dmail server marks the Dmail Directory database to verify that the email address 

has been authenticated to be accessible for both receiving and sending to the user. 
F. Public trusted databases 

Although the methods described above are the main methods of authentication, other 
methods can be implemented based upon access portals to other databases with trusted 
30 information about entities at specific addresses. Such trusted information could come from 
Department of Motor Vehicle records, Voter Registration records, utility company records, 
Telephone company records, Phonebook (Yellowpages or Whitepages) databases, or other 
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databases that have at some recent time validated the use of a particular physical address by a 
user. Such alternate databases can be interfaced to the system similar to the credit card 
databases, such that a similar approach to the credit card method describe above can be 
expanded to allow for authentication through alternate routes. 
5 G. Alternate authentication methods or combinations 

The important aspect of authentication is the proof that a user really lives or does 
business at a particular physical address. But other authentication methods may be used as 
weaker forms of authentication, particularly if they are viewed as being only temporary, such 
as while waiting for a stronger form of authentication. For example, the method of using 
10 Public Trusted Databases authenticates only as well as the level of trust associated with each 
database, and therefore these weaker methods are not as useful for solid permanent 
authentication. 

However, a combination of several weak authentication sources could be combined to 
be considered as strong enough proof to merit permanent authentication. For example, any 
15 combination of three weak-authentication database sources could be judged as equivalent to 
regular postal notification authentication. 

Another part of the Authentication flow is defense from user attempts to abuse or 
defraud. The Digital Mail PostOffice must take all precautions to prevent fraud and misuse of 
the Digital Mail Network. A specific method to avoid attacks is to examine the hardware 
GUID (Global Unique ID) of incoming requests for new Digital Mail Account creations. The 
GUID uniquely defines the Ethernet interface board of the computer hardware being used by a 
user. Policies in the Digital PostOffice software prohibit registering more than a set threshold 
of Digital Mail Accounts from a specific GUID, even if the user "claims" to be providing a 
different unique identifier for each one. Note that this prohibition is against "registering" as a 
recipient. It is permissible and expected that a user may send mail to many other destinations, 
and that the sending of such Dmail may cause accounts to be pre-registered. But, what is 
suspicious is when a user claims to be Registering as a digital mail account owner, and then 
tries repeatedly to register other physical addresses from the same computer. Such use will be 
disallowed in general, although exceptions to this policy would be made for business addresses 
where it would make sense that many similar physical postal addresses (for example, differing 
only by a mailstop number) would be registered using the same computer. 

Validation and correction of a Postal Address 
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Validation of a postal address is a step in both the processes of Pre-registration and 
Registration, as well as in the sending of every Dmail message. Further combinations and 
checking of the entityname are handled separately in the sections on Pre-registration and 
Registration. 

5 In the preferred embodiment, sending and receiving authenticated transmissions relies 

on using a postal address with an entityname in such a combination as to create a unique 
identifier for the individual being addressed, unique identifiers are simply that combination of 
a valid postal address and entityname plus such other information that distinguishes one 
person at an address from another, if needed due to there being multiple similar names at the 
10 same address. Thus, for "John Smith" who lives at "380 West 80 th Street, New York, New 
York 10000," the unique identifier may simply be the combination of John Smith and his 
address. However, in other cases, more information, such as apartment number, middle initial, 
etc., may be necessary to distinguish the one John Smith from another who lives at the same 
address. Of necessity, the algorithms that need to be capable of handling world-wide postal 
15 addresses are heuristic in nature. 

A pivotal check to the implementation of a postal address based scheme, and a core 
competency of the Digital Mail Network, is the ability to correct and ensure the usability of 
an address. When a E/PA is received, the postal address portion is first passed over the 
network connection 108 to one of the digital address correction servers 150 running software 
20 that accepts a postal address in a raw form (i.e. with the single actual address being potentially 
referenced through a variety of different styles including abbreviations for street names or 
endings such as "blvd." versus "boulevard", etc.), and attempts to normalize the postal address 
to the canonic form used in the address existence databases used and published by the USPS 
and other national postal services worldwide. That is, "353 W. 56 th Street" and "353 West 56 th 
25 St." as string inputs to the normalizing software generate an identical output postal address. 
Heuristics are best for the united States, but also handle languages and street address forms 
used throughout the world For example, in Japan, the address forms "3-7-5" and "7-5, 3- 
chome" are also considered identical and normalized to a single form. 

Output from the digital address correction servers 150 is either a string representing 
30 the normalized postal address, or if no such postal address form can be resolved, a null string. 
In either case, the output string is passed back to the digital mail directory server 110. 

In the case of an invalid postal address or any other correctness failure of the E/PA, the 
pre-registration or registration of a new unique identifier is aborted, and the user is sent a 
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diagnostic reply. This includes the invoking of a software process called the "Address 
Correction Wizard" which makes suggestions to the user as to potentially what changes would 
result in a correct and unique E/PA. For example, if a user had specified a street address as 
"Park Blvd", and the public ZIP databases show that in that particular town there was no "Park 
Blvd" but there was a "Park Street" and a "Park Avenue", the Address Correction Wizard 
displays to the user the explanation and the potential choices that he could make in a re- 
submission. 

The Address Correction Wizard is invoked immediately when using the preferred 
Digital Mail client-server interfaces. In the case of Dmail that arrives in an email message, 
then Address Correction Wizard composes a response that is sent as a reply email, and in 
addition to the textual diagnostic information indicating any errors or difficulties in 
normalizing the address, the email contains a hyperlink so that if the original sender so 
chooses, he can invoke a browser and follow the link to the Address Correction Wizard page 
of the preferred Dmail interface, which will be particularly useful if more than one address 
correction attempt ensues. This enables the user to immediately benefit from the features of 
the ACW. 

A. Heuristics used to match with already known addresses. 

If the Postal Address submitted has a partial match to an address already in the Digital 
PostOffice database, but is lacking enough information to make it distinct, then the Address 
Correction Wizard displays to the user the explanation and the potential choices that he could 
make in a re-submission 

B. Heuristics for fraud avoidance by checking for adherence to reasonable limits on the 
maximum number of names at each address, and reasonable limits on the density of 
addresses on a street. 

It is possible that more than one user may reside at the same physical postal address, 
and that is why the digital PostOffice has the concept of unique identifiers, and policies to alert 
other users at an address when an attempt is made to register an additional entityname at the 
same address. However, the digital PostOffice can also implement policies that just prohibits 
registration of more than a set number of entitynames that is reasonable for the same physical 
postal address. For example, while it may be true and reasonable that a family of 8 people 
(including children) live at a house in a residential neighborhood, it is an indication of fraud if 
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80 people attempt to register all using the same residential postal address, with no other 
distinguishing information such as an apartment number. 

Likewise, the database of potentially valid addresses from the postal services specifies 
street number ranges that are valid. For example, on "Lucca Place" in San Jose, valid numbers 
5 range from 1 500 to 1 800. But it is rarely true that every number in that range actually exists, 
because that would imply 300 houses packed into a street Va mile long. The digital PostOffice 
may choose to implement policies that detect when there appears to be an attack on the system 
by the registration of more street numbers than is possible for the type of neighborhood (i.e. 
residential street). 

10 C. Heuristics for triggering prompting for more specific identifiers, such as apartment 
numbers or business mailstop numbers 

For example, if the input address is "353 W. 56 th Street" but there already exists an 
entry for "353 W. 56 th Street, Apt #3", then the user is instructed to specify the missing 
distinguishing information, in this example, the apartment number. For businesses, if there is 
15 already one user who has registered at "1 AMD Place, Mailstop 162", then a new user 

attempting to register the address "1 AMD Place" will be prompted by the ACW to supply a 
Mailstop number as well. 

Dmail Category Definitions and Presentation 

Another aspect of the invention are the features available in the embodiments enabling 
the reading of Dmail. The preferred embodiment is in a web-browser interface, although much 
of the functionality will also be duplicated in conventional email readers, as addressed in 
subsequent paragraphs below. In the preferred web-browser interface Dmail is presented in 
categories which are determinable based on the class of the unique identifier of the sender, 
and encoded header information contained in the message as received from the Dmail 
Network. The header includes a digital certificate that validates through the digital Mail 
Network's trust authority hierarchy that the message is authentically received from the Digital 
Mail PostOffice, and that the category information has not been tampered with. 
The categories include: 

• Buddy Instant Digital Mail 

• Transient messages indicating each buddy that is presently accessing the Digital 
Mail Network 

• Replies to outwardly sent transient buddy messages 
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• Personal 

• Authenticated senders 

• Unauthenticated Dmail senders (but not including Email which is sorted separately 
below) 

5 • Anonymous senders 

• Priority (business sender paid for premium delivery categorization) 

• Business Class 

• Business Financial Class (bills) 

• Business First class (including responses to Dmail requests) 
10 • Business Standard class 

• Business Non-Profit class 

• Consumer class 

• Catalog class 

• Entertainment class 

15 • Other consumer marketing mail 

• Email class 

• Email aliased by the Digital Mail PostOffice 

• Email addressed to mailto:username@xxxxx.com, where xxxx is a pre-selected 
domain 

20 • Email received from POP servers outside the Digital Mail Network 

The web-browser window has distinctive regions for each category which each 
displays a separator indicating the start of the category. Optionally, each category may have 
its own separate scrollbar to select which of the message headers to display within each 
category, or the categories can just show the top of the list if there are more messages than fit 
25 and there is no scrollbar enabled. 

The messages within each category are separately sorted, by the usual set of possible 
criteria (date/time-received, message size, alphabetically by subject, etc.), or by the criteria of 
the addressing mode used by the sender. It is possible by menu selection to adjust the total 
number of messages accessible via the scrollbar in each category to include: 
30 • Just messages that have been newly received since the last time the mail reader was 

exited. 

• Just messages received in the most recent N days. 

• Just messages received in the most recent N weeks. 
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20 



25 



• Just messages received in the most recent N months. 

• All messages 

Buddy Instant Digital Mail 

The "Buddy Instant Digital Mail" category is a special category, because some of the 
messages there may go away even if not ever read. These special messages are called 
"transient messages" and are generated when other senders access the Digital Mail Network 
and have this user listed in their "buddy lists". Likewise, during the period in which this user 
is accessing the Digital Mail Network, polling of the Digital Mail PostOffice is done 
periodically to see if any users identified in the "buddy lists" are also accessing the Digital 
Mail Network, and if so, each is sent a transient buddy message from this user. When a reply 
is made to a transient message, a special option allows the response to either automatically be 
deleted when either buddy stops accessing the Digital Mail Network, or to be kept until read, 
just like normal messages. 

Separation and Advertisement banners 

Between each category are separation banners, which serve not only to visually 
distinguish the categories but are also available for advertisements. The advertisements can 
include either static rendered advertisements or dynamic banners that change every few 
seconds. In both cases, the advertisements can be optionally equipped with hyperlinks to other 
websites. Also, for both "static" and "dynamic" advertisements, the choice of advertisement 
can be made a function of statistical information stored in database 115 for each user, 
including preferences stated when the Digital Mail account was activated, and historical 
information about what advertisements have been reacted to in the past. 

Furthermore, because the Postal address associated with each user gives definitive 
geographical information for each user, such static or dynamic advertisement banners can also 
be further targeted geographically to those users within a certain preferred area. This is a 
significant advantage that advertisers receive from the Digital Mail PostOffice, relative to 
other websites that cannot target local sales because they have no authenticated information 
about the actual physical location of a user. Further determinations in terms of the type of 
advertisements that may appear can be based upon other user preferences chosen in terms of 
determining the type of messages which the user decides to filter. For example, if a user sets 
up an account to receive certain types of messages relating to sports, banner advertisements 
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dealing with sports may be one set that are specifically increased in proportion for display to 
that user. 

Flow of Dmail Through the Digital Mail Network 

A. Basic flow of sending Dmail using Web-Browser 

5 In the preferred embodiment a Dmail is generated by a user such Dmail being as a 

simple text message or as a more complicated message including attached documents or 
hyperlinks to other documents remote or locally on one of the client systems 101, such client 
system using software in addressable memory embodying a web-browser client architecture 
1 02 indicated previously. 

10 Such Dmail is transmitted over the network connection 106, along with a set of at least 

one Entityname 131,132 and a Postal Address 130, to the interface servers 122 running 
interface software 142, which together appear as a single network location, one of the interface 
servers being selected for reception of the Dmail, and instancing software in addressable 
memory embodying a client server architecture 102-122 indicated previously and 

15 corresponding to the software embodying the client architecture 1 02 running on the client 
system 101. 

The specific interface server 107,122 that is interfacing with the client system 101,102 
over the network connection 106 sends a query via the internal network connection 108 to the 
directory servers 110 and passes both the Postal Address and the Entityname to such directory 
20 servers 110. 

Directory servers 1 10 use software embodying a deterministic method to resolve the 
User at a Postal Address into a unique identifier, and a tag is returned along with such unique 
identifier on the internal network connection 108 indicating whether the unique identifier is 
new, already exists, or is invalid (for example, in the case the Postal Address sent is invalid). 

25 If the tag returned with the unique identifier is invalid, the Dmail is passed back over 

the network connection 106 to the client system 101 along with an error indicator as to the 
invalidity of the Postal Address and User combination. 

If the tag returned with the unique identifier specifies an existing unique identifier or a 
new unique identifier, such unique identifier is forwarded along with the Dmail to the 

30 exchanger servers 109, with a request for storage in the database 1 14 allocated to an Account 
with the given unique identifier. 

B. Basic flow of sending Dmail using E-mail Client 
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In the preferred embodiment a Dmail is generated by a user such Dmail being as a 
simple text message or as a more complicated message including attached documents or 
hyperlinks to other documents remote or locally on one of the client systems 101, such client 
system using software in addressable memory embodying a e-mail client architecture 103 
5 indicated previously. Such Dmail is transmitted over the network connection 106, along with a 
set of at least one Entityname 13 1,132 at a Postal Address 130, to the interface servers running 
interface software 123,143 selected for reception of the Dmail, and instancing software in 
addressable memory embodying an e-mail client server architecture 103-123 indicated 
previously and corresponding to the software embodying the client architecture 103 running 
10 on the client system 101. 

The specific interface server 107,123 that is interfacing with the client system 101,103 
over the network connection 106 sends a query via the internal network connection 108 to the 
directory servers 1 10 and passes both the Postal Address and the Entityname to such directory 
servers 110. 

15 Directory servers 1 1 0 use software embodying a deterministic method to resolve the 

User at a Postal Address into a unique identifier, and a tag is returned along with such unique 
identifier on the internal network connection 108 indicating whether the unique identifier is 
new, already exists, or is invalid (for example, in the case the Postal Address sent is invalid). 
If the tag returned with the unique identifier is invalid, the Dmail is passed back over 

20 the network connection 106 to the client system 101 along with an error indicator as to the 
invalidity of the Postal Address and User combination. 

If the tag returned with the unique identifier specifies an existing unique identifier or a 
new unique identifier, such unique identifier is forwarded along with the Dmail to the 
exchanger servers 109, with a request for storage in the database 1 14 allocated to an Account 

25 with the given unique identifier. 

C. Basic flow of Dmail using Dmail Client 

In the preferred embodiment a Dmail is generated by a user such Dmail being as a 
simple text message or as a more complicated message including attached documents or 
hyperlinks to other documents remote or locally on one of the client systems 101, such client 
30 system using software in addressable memory embodying a Dmail client architecture 1 04 

indicated previously. Such Dmail is transmitted over the network connection 106, along with 
a set of at least one Entityname 131,132 at a Postal Address 130, to the interface servers 
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running interface software 124,144 selected for reception of the Dmail, and instancing 
software in addressable memory embodying an Dmail client server architecture 104-124 
indicated previously and corresponding to the software embodying the client architecture 104 
running on the client system 101 . 

The specific interface server 107,124 that is interfacing with the client system 101,104 
over the network connection 106 sends a query via the internal network connection 108 to the 
directory servers 1 10 and passes both the Postal Address and the Entityname to such directory 
servers 1 10. 

Directory servers 110 use software embodying a deterministic method to resolve the 
User at a Postal Address into a unique identifier, and a tag is returned along with such unique 
identifier on the internal network connection 108 indicating whether the unique identifier is 
new, already exists, or is invalid (for example, in the case the Postal Address sent is invalid). 

If the tag returned with the unique identifier is invalid, the Dmail is passed back over 
the network connection 106 to the client system 101 along with an error indicator as to the 
invalidity of the Postal Address and User combination. 

If the tag returned with the unique identifier specifies an existing unique identifier or a 
new unique identifier, such unique identifier is forwarded along with the Dmail to the 
exchanger servers 109, with a request for storage in the database 1 14 allocated to an Account 
with the given unique identifier. 
D. Basic flow of Dmail using Dmail Merge Client 

In the preferred embodiment a Dmail is generated by a user, such Dmail being as 
simple as a straight text message or more complicated including attached documents or 
hyperlinks to other documents remote or local, on one of the client systems 101, such client 
system using software in addressable memory embodying a Dmail merge client architecture 
105 indicated previously. 

The software in addressable memory includes a routine to cycle through a database of 
Entities and Postal Addresses stored on a storage system 105 accessible by the client system 
101 . For each pair of user and Postal Address, a Dmail plus the user and Postal Address pair is 
transmitted over the network connection 106 to the interface servers 125, which together 
appear as a single network location, one of the interface servers being selected for reception of 
the Dmail, and instancing software in addressable memory embodying a Dmail client server 
architecture. 
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The specific client server that is interfacing with the client system over the network 
connection sends a query via the internal network connection to the directory servers and 
passes each separately received pair of Postal Address and the Entityname to such directory 
servers . 

5 Directory servers use software embodying a deterministic method to resolve the user 

at a Postal Address into a unique identifier, and a tag is returned along with such unique 
identifier on the internal network connection indicating whether the unique identifier is new, 
already exists, or is invalid (in the case the Postal Address sent is invalid). 

If the tag returned with the unique identifier is invalid, the Dmail is passed back over 
10 the network connection to the client system along with an error indicator as to the invalidity 
of the Postal Address and user combination. 

If the tag returned with the unique identifier specifies an existing unique identifier or a 
new unique identifier, such unique identifier is forwarded along with the Dmail to the 
exchanger servers , with a request for storage in the database allocated to an Account with the 
15 given unique identifier. 

E. Flow for Print Based Dmail 

For certain cases Dmail is replicated in print and physical sent to the recipient. These 
cases including where a sender has specified (and paid for) the added feature of print delivery, 
a user has chosen print delivery for all received Dmail in a particular category, and the first 

20 message to an activated Dmail account that has not yet been registered. In all such cases the 
Dmail is transmitted over the internal network connection 108 to the print server 111, such 
print server containing software to transform the Dmail into a Preformat Print Dmail that is 
then transmitted to a mass storage device 1 16 on which is stored a queue and into which the 
Preformat Print Dmail is then stored. 

25 The print server 111 runs another piece of software that monitors the queue on the 

mass storage device 116 and the print system 1 1 7 attached to the print server 1 1 1 and forwards 
Preformat Print Dmail from the mass storage device 1 16 to the print system 117 when the print 
system 1 1 7 is ready for new data. 

The print system 1 1 7 produces Print Dmail which is then forwarded to a Postal 

30 Handling Service 1 1 8 for delivery to the user at the Postal Address given. 

Functions in the Dmail Sender user Interface 

A. Choices of addressing Modes 
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The goal of the Digital Mail Network is to be able to make it easy to send messages. 
To facilitate this, senders are able to use a variety of methods to attempt to address Dmail: 
1. Postal Address 

In particular, this choice is available even prior to account pre-registration, because it 
5 will trigger the account pre-registration process by the sending of physical mail to notify a 
recipient of available Dmail. In the preferred use of the Digital Mail clients 102 or 104 to 
servers 200 or 2 10 interface, the sender forms have fields for the Postal Address. When using 
the Email client 103, the Email is parsed by Email Servers 204 or 304 to find the Postal 
Address information in textual form at the top of the message. Figure 1 1 shows an example 
10 Email message with a Postal Address. Note that the traditional email systems ignore the 
Postal Address and just consider it part of the message body. 
2. Digital P.O. Box 

This addressing mode requires that the Digital Mailbox Account already exists, and 
that the sender knows the number. However, it is also requires the least resources from the 
15 Digital Mail PostOffice and is therefore encouraged by the lowest price. This method has the 
advantage that in enables communication with the least amount of information disclosed by a 
potential recipient to a potential sender, just as an ordinary postal P.O. Box also provides 
isolation and anonymity to a receiver. This privacy is achieved without the recipient needing 
to take extra action to fetch mail separately (i.e. from different mailboxes) from senders that 
know the full identity and address of the recipient as from senders that have been given only 
the Digital P.O. Box Number. 

3. Telephone Number 

This mode only works if the intended recipient already has opened an account with a 
sub-authenticated telephone number. 

4. Digital Mail PostOffice username 

When a Digital Mail Account is created, the User may also select a "username" in the 
traditional email style (which must be unique within the domain assigned to the system 100), 
and receive mail addressed to this usemame@xxxxx.com, where "xxxxx" is the domain name 
assigned to the system 100, such as "postoffice.com", for example. 

5. Digital Mail PostOffice alias name 
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Each sender will be able to define a set of aliases that are specific to that sender, and 
are stored as an "address book" for that sender, unlike other email alias methods that are only 
available to affect the email sent from the host where the aliases are defined, the Digital Mail 
PostOffice allows the alias database to be used in combination with the receipt of email from a 
5 sender's email account elsewhere. For example, a user could create an alias called "mom" that 
binds to another Digital Mail Account they specify {their "mom"). Then, when the Digital 
PostOffice receives incoming email over the external email server 133 addressed to 
"mom@postoffice.com", it checks the Digital Mail Account for that particular sender (looking 
up the digital mailbox using the sender's email address which has been previously bound), and 
10 uses that sender's address book alias for "mom" to find the Digital Mail Box the mail should 
get sent to. The combination of an alias with the email address of a sender allows each sender 
to remotely utilize their own private aliases. 

6. Ordinary Email Address 

This mode only works if the intended recipient already has opened an account with a 
15 sub-authenticated email address or addresses. It is enabled by the use of the form 

mailto:name%otherhost@host.com which all standard email protocols will send to host.com 
for delivery, even when otherhost is itself a valid internet hostname. 

7. Entityname (and location), even when potentially ambiguous 

It is also possible to address Dmail just using an entityname without a valid Postal 
20 Address, or to combine it with partial address information, such as "John.Smith.San 

Francisco.California". With this method, the Digital Mail PostOffice attempts "best effort" 
delivery by seeking to find the closest matching set of unique identifiers. At the time of 
sending, the sender can choose whether the message should be: 

• Delivered only if a single recipient matches the address. 

25 • Queued to be manually examined by a person ("the digital postman" that may be 

able to make a more effective judgement for best effort delivery. This choice is 
available only with the payment of an additional fee. 

• Sent to multiple potential recipients where the number of ambiguous recipients is 
limited to a small number by the Digital Mail PostOffice. 

30 • Only a subject line is sent to multiple potential recipients with instructions to ask 

the recipient to reply to the sender if they believe they are the actual intended 
recipient. 

60 



NiSDOCID: <WO 0113576A2_I_> 



WO 01/13576 



PCT/USOO/22321 



These choices facilitate "speculative addressing" such as trying to send Dmail to old 
friends or others whose address is in doubt. If the sender chooses to conceal the message if the 
Digital Mail Network finds the recipient appears to be ambiguous, then the recipient only 
receives a Dmail with a message header and name of the sender, and then the recipient can 
choose whether to reply to the sender and ask to be sent the full message. An additional aspect 
of this addressing mode is that the Digital Mail PostOffice will reject delivery entirely if it 
determines that the number of potential ambiguously addressed recipients is greater than a 
chosen threshold. 

B. Services on sent messages, taking effect at the Receiver 

An aspect of the invention are new features available in the embodiments enabling the 
sending of Dmail. The preferred embodiment is in a web-browser interface, although much of 
the functionality may also be duplicated in conventional mail sending tools adapted as 
necessary, as addressed in subsequent paragraphs below. In the preferred web-browser 
interface, Dmail composition will have additional menu-selectable functions that give a sender 
choices, analogous to choices in sending physical postal mail: 

• Sending with a return-receipt requested for delivery of envelope to recipient. This request 
will trigger the Dmail reader to send a return Dmail to the sender on the first occurrence of 
the recipient invoking an action in a mail reading tool that presents to him the header of the 
message in a visible portion of the listing of messages in its category. 

• Sending with a return-receipt requested for delivery of letter contents to recipient. This 
request will trigger the Dmail reader to send a return Dmail to the sender on the first 
occurrence of the recipient invoking an action in a mail reading tool that presents to him 
the data contents of the message. 

• Sending a print message to a recipient who has never registered their digital Mail account. 
Generally, digital Mail arriving for a recipient is queued for being read, and only some 
messages are periodically printed to send as duplicated physical mail. After the first print 
message, the digital PostOffice maintains a policy as to how often to duplicate other 
messages into print mail, each of which functions as a reminder and incentive for the 
recipient to register their account. If a recipient has been sent a number of messages over 
some threshold, but has not yet registered their account, then the sender can be notified, at 
the time of sending through the preferred browser interface, that it is highly likely the 
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recipient may not receive the digital Mail unless it is also duplicated as physical print mail, 
and the sender can be allowed, for a fee, to direct that his message be duplicated and sent 
in print. 

• Sending "priority mail" that appears in a premium category, such as the priority category 
5 or the "first class" business instead of "standard class". 

• Sending "express mail" that will stay at the top of a time-sorted list until it is read, even if 
newer messages arrive subsequently. 

In addition, Dmail senders also can specify per-message authentication, so that in order 
to read messages, the recipient must supply additional authentication (a separate pass-key in a 

10 sense), specific to this sender. This can be one-time for the specific sender-receiver 

combination, periodic (such as once a month), or for each received message individually. The 
additional authentication can be either in the form of requiring the recipient to supply a sender- 
specific code before the message will be displayed, or answering a sender supplied question 
that is encoded in the Dmail header. 

15 As an example of the first usage, the sender may desire to have the recipient type in a 

code from a physical postal letter (such as a monthly bill or account statement) separately sent 
by the sender. This use duplicates the authentication method performed eaflier to 
authentication the Dmail receiver, but is fully in control of the sender, and can thus provide the 
sender additional assurance. 

20 As an example of the second usage, the sender may desire to have the recipient answer 

the some type of question, such as supplying their "mother's maiden name", to which their 
existing security policies are already accustomed. In either case, the Dmail reader interface 
only decrypts the message and presents it to the recipient upon a correct response to the 
authentication challenge. The Dmail reader also can, optionally, notify the sender with a 

25 return Dmail message about the status of the authentication challenge, and indicate whether the 
potential recipient was successfully authenticated by the challenge or failed after a plurality of 
attempts. 

7) A sender can also choose that a Digital Mail message trigger additional notification 
to alert the recipient of important incoming Digital Mail awaiting being read. The additional 
30 notification methods are: 
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Send Print Digital Mail using the local Postal Service at the recipient. This 
happens anyway if the recipient user has not yet authenticated their account to 
indicate that they expect to be reading Digital Mail online. 

Send an email if the Digital Mail Account has a sub-authenticated email address in 



5 



the Digital Mail PostOffice database. 

Send a facsimile transmission to the recipient if there is a fax number on file in the 
Digital Mail PostOffice database. 

Notify the recipient by telephone using a computer synthesized voice, if the Digital 
Mail Account has a sub-authenticated telephone number in the Digital Mail 



10 



PostOffice database. 



• Notify the recipient by telephone with a human operator ("the Digital PostOffice 
Operator"). 

Each of these additional services will have a cost, which the sender's account is 
charged with upon the selection of these services for each mail sent. 
15 C. Services available before (or in contemplation of) sending 

In the preferred web-browser interface, Dmail senders will have also have services 
available that query the Dmail directories for information about specific recipients. For fees, a 
sender is able to receive information, for each intended recipient, including: 

• Whether the recipient has an existing Dmail account 

20 • Whether the recipient has authenticated the Dmail account 

• How long the Dmail account has been open 

• How long the Dmail account has been at its present physical postal address 

• The monthly volume of mail received by the intended recipient in the sender's intended 



25 • The last date Dmail was read from the account 

• Whether the recipient already has filters in place that would block the viewing of the 



intended message. This feature is enabled by the sending of status information from Dmail 
reader servers back to the Dmail Directory database. 



category. 
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20 



25 



• Preferences of this account for advertisements of particular types and subjects. This 
information is both from specific statements "opt-in" statements made when opening a 
digital Mail account, as well as statistical information regarding which advertisement 
banners this user has responded to in the past. 



In the display areas, each message's header is optionally color-coded with the level of 
authentication for the sender. Possible levels include: 

• Sender authenticated as a known Dmail Individual (with the displayed name). 

• Sender authenticated as a known Dmail Business (with the displayed name). 

• Sender has requested authentication, but the authentication process is in progress. 

• Sender has requested the message be sealed until the receiver answers a challenge 
for additional sub-authentication (typically a password, but can be an answer to a 
specific sender-supplied question.) 

• Sender is new or unknown 

The color coding may also optionally indicate whether the message arrived encrypted 
(extra security for contents of message), or digitally signed (extra validation of the identity of 
the sender, based on trust of the signer) 

There are also sublevels of authentication which may also be displayed for each sender, 
both to indicate the original authentication method (i.e. whether the sender used the receipt of 
physical mail sent by the Digital PostOffice, the use of a Quickcode, or just inherited trust 
from a public database, such as a credit-check), and to indicate whether there are additional 
sub-authentications (of telephone number or email address), available for that sender. 

It is also optionally possible to filter the displayed messages based upon the sender's 
authentication level, or sub-authenticated level, and to select specific actions to take for all 
messages from specific senders. The actions possible, which can be selected either by menu or 
hyperlink, include: 

• Move this and other emails from this sender to the top of the present category. 

• Move this and other emails from this sender to the bottom of the present category. 

• Move this and other emails from this sender into a different category. 

Additional Services 



Functions in the Dmail Receiver user Interface 
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An user can also choose, at substantial additional cost, to request additional notification 
to be sent for all incoming Digital Mail, separately for each category. The additional 
notification methods are: 

• Send Print Digital Mail using the local Postal Service at the recipient. 

5 • Send an email if the Digital Mail Account has a sub-authenticated email address in 

the Digital Mail PostOffice database. 

• Send a facsimile transmission to the recipient if there is a fax number on file in the 
Digital Mail PostOffice database. 

• Notify the recipient by telephone using a computer synthesized voice, if the Digital 
10 Mail Account has a sub-authenticated telephone number in the Digital Mail 

PostOffice database. 

• Notify the recipient by telephone with a human operator ("the Digital PostOffice 
Operator"). 



15 Dm ail feature preservation through Email Receivers 

In addition to the preferred embodiment of a web-browser interface for both the 
receiving and sending of Dmail, it is also possible, with additional aspects of the invention, to 
support most of the added features of Dmail even when using ordinary email reader and sender 
programs. In particular, the key feature of categorizing received Dmail is accomplished in an 
ordinary email reader by manipulation of the date/time fields and prefixing of the subject 
fields. Both types of changes are performed so that the messages will appear grouped into the 
categories, whether the email reader sorts by time or by Subject. 

The changing of the date is chosen in a way to be the least intrusive as possible, but 
still provide as much information to the user. To accomplish this, the preferred choice is to 
adjust the each category to use a different multiple of -1 0 years. For example, the first 
category can use the original dates, the secondary category can adjust dates back by 10 years, 
so that all those messages appear lower in a list sorted with most-recent at the top, the next 
category can adjust dates back by 20 years, and so forth. By choosing 10 years as the 
increment, it will be obvious to the recipient, without confusion about the actual dates, since 
any real list of messages would undoubtedly span a time period much shorter than 10 years. 
Further, 10 years is a small enough increment, that even email readers that assume that all 
dates are greater than the year 1900 would work fine, since there are fewer than 10 categories. 
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Adjusting the text in the subject field can be done with a simple prefix code of a few 
characters, such as "CI:", "C2:", so that an alphabetic string sort will produce an ordering 
where the categories are all grouped together and appear in the desired order. 

When using an ordinary email reader, rather than the specific Dmail web-browser 
5 interface, an additional aspect of this invention is the creation of additional email messages 
with distinctive subject lines to serve as category separators. The dates and subject prefixes 
chosen will work to always place these messages between the categories in the lists of email 
messages that have dates or subject lines adjusted as described in the previous paragraph. 
Further, both the subject and body of the separator messages may have advertisement material 
10 that matches the web-browser interface in the delivery quantity of static advertisements. 

Dmail feature preservation through Email Senders 

All of the menu choices available in the preferred browser interface for sending digital 
Mail are also available through specialized directives that can be placed into normal email 
addressed to " postmaster@postoffice.com " (the use ofpostoffice.com" is not required per se; 
15 any other domain may be established to receive Dmail). 

Security improvements relative to existing DNS protocols 

The SMTP protocol, currently used by nearly all electronic mail systems worldwide, 
has no provision for checking the actual identity of a mail sender, and therefore it is trivial to 
send anonymous or fraudulent email messages. In order to correct these deficiencies of 

20 SMTP, the Digital Mail Network implements a new protocol called the DMTP, the Digital 
Mail Transfer Protocol which transmits messages with unequivocal sender identity 
information. In the usual case, the sender is identified by reference to his authenticated Dmail 
account. In the special case of a Dmail sent by a special anonymous interface provided for by 
the Digital Mail Network, the sender is clearly identified as having chosen to be anonymous, 

25 instead of being mislabeled with some assumed identity. 

The DMTP protocol is used over encrypted transmissions on the Digital Mail Virtual 
Private Network 108, so that unsanctioned use attempts will fail. The encryption is based upon 
the keys generated by Trust Authorities 113, and distributed via the Trust Certificate 
Distribution channels 162. 

30 A. Definition and features of the DMTP protocol 
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Another aspect of this invention is the creation of a new protocol called the "Digital 
Mail Transfer Protocol" (DMTP). Unlike its simpler predecessors (SMTP, POP, IMAP) 322, 
324, 326 , DMTP is always authenticated and encrypted. Further, again unlike the other 
protocols (SMTP, POP, IMAP) 322, 324, 326, it does not rely upon the public internet's 
"Domain Name Server" DNS protocol as a starting point, but instead creates a new secure 
definition of the network addresses needed, based on a trust hierarchy. The trust hierarchy, 
illustrated in Figure 1, starts with the digital certificates issued to each individual user's DMTP 
server. These certificates are issued and validated by the digital certificates issued to "Zone 
servers" which are in turn issued and validated by the root trust authority 113 behind the 
Digital Mail Network 162. The root trust authority is preferably a computer stored in a bank 
vault located in Switzerland, so that it falls under Swiss law; though other locations may be 
used. The Swiss location is preferred both because of the strictness of the bank secrecy laws, 
and because it is the trusted location of the International Postal Union Headquarters. The 
digital PostOffice root trust authority 1 13 computer is only accessed periodically (such as 
annually) when it is necessary to generate digital certificates for the Zone servers. The Zone 
server certificates have an expiration date (typically one year after date of creation) to limit the 
potential, in the event a Zone server is compromised, for creating unauthorized DMTP server 
certificates. 

A key advantage of the organization described in Figure 1 is the distinction that 
available server processes 302,304,306 are software running locally on an end-user's computer 
hardware. This keeps the cleartext insecure protocols (SMTP, POP, IMAP) 1 84 confined 
locally to the physical location of the user, rather than being sent across the public internet 
106. Instead, only the DMTP 328 protocol is sent across the public internet 106. Since DMTP 
is an encrypted protocol, all traffic on the Digital Mail Network is in the form of a VPN 
(Virtual Private Network), even though it is carried on the public internet infrastructure. 
Further, replacing the "standard" implementations of the (SMTP, POP, IMAP) servers with 
the implementations of (SMTP, POP, IMAP) 322, 324, 326 which conform with the operation 
of the present invention, enables the generation of the "adjusted" email messages described in 
a previous paragraph so that a user can received authenticated Dmail, including separation into 
categories, even when choosing to use a local email reader. 



User Interface Descriptions 
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Referring now to FIG. 14, there is shown a screen shot of a sign-up screen 1400 
according to one embodiment of the present invention. The user enters an account name in 
field 1401, which will be used to identify the user in the context of the invention. Password 
fields 1402 allow entry of a user-selected password for user validation. Additional user 
identity verification is provided by fields 1403, including for example birth date, and secret 
password question and answer. User profile fields 1404 collect additional information 
describing the user, which may be used for targeting advertising or other profiling. OK button 
1405 submits the entered information, and Clear button 1406 clears the fields in screen 1400. 
The alternate email address field capture a user's email address and thus allows for the 
authentication of this email address using the methods described above under 
Subauthentication of Email Address. 

Referring now to FIG. 15, there is shown a screen shot of a screen 1 500 for collection 
of additional registration information according to one embodiment of the present invention. 
Home address fields 1501 collect information describing the physical address of the user. This 
information is used for user initiated account registration. Match button 1 502 provides 
functionality for verifying the physical address using trusted postal address databases. User 
profile fields 1404 are provided as described in connection with FIG. 14. OK button 1503 
submits the entered information, and Clear button 1504 clears the fields in screen 1500.. 

Referring now to FIG. 16, there is shown a screen shot of a mailbox screen 1600 
according to one embodiment of the present invention, showing sorting by category and 
prioritizing of mail items. Several categories 1601 are displayed, each containing several 
messages. Incoming messages are automatically places in categories 1601 according to the 
type of sender, as previously specified. This allows the user to know before even reading a 
message, the type of sender and thereby use this information to decide whether or not to read 
the message; the type of sender is known and authenticated by the digital post office, and thus 
the recipient is guaranteed as to the accuracy of the classification, unlike in conventional 
systems that apply heuristic rules to move mail into folders. 

For each message, the sender 1602 is identified, and the date received 1603 is shown. 
Generally, messages are sorted by date within each category 1601, although high-priority 
messages such as 1 606 are presented at the top of the list, regardless of date. Priority can be 
determined based on certain predetermined qualities, including for example a higher fee 
having been paid by the sender. Thus, a sender can pay a fee to have a particular message stay 
at the top of it's a category, even if it is older than other messages. 
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Subject 1604 is shown for each message, as well as the security level 1605 of the 
message. "Authentic" indicates that the sender has been authenticated, while "Auth Pending" 
indicates that authentication is in progress. "Password Required" specifies that additional 
authentication means are required (as specified by the sender) before the message can be 
5 displayed to the recipient, as shown in message 1 607. For example, the recipient may be 

required to enter a password or answer a test question before reading the email. This message- 
specific authentication enables the sender to further ensure that a message is read by only a 
specific person. 

Check boxes 1608 allow the user to select individual messages for action. Clicking on 
10 Delete Checked 1610 deletes the checked messages. Clicking on Move to 161 1 moves the 
checked messages to another location, specified by drop-down menu 1612. Check All box 
1609 checks all messages within the associated category. Buttons 1613 are also provided for 
viewing messages within a certain date range, such as Today, One Week, One Month, and the 
like. This feature makes selection and viewing of messages far more useful than mere "date" 
15 sorting found in conventional messaging systems. 

Referring now to FIG, 1 7, there is shown a screen shot of a message display screen 
1 700 according to one embodiment of the present invention. Note that this message was sent 
to the recipient addressed by their physical postal address 1 701 , and not an email address. The 
subject 1702, date 1703, and body 1704 of the message are displayed, including buttons 1705 
for performing various actions on the message, such as replying, forwarding, deleting, and 
moving. 

Referring now to FIG. 1 8, there is shown a screen shot of a screen 1 800 for composing 
a letter according to one embodiment of the present invention, including a variety of 
addressing modes and address verification features. Radio buttons 1 804 provide several 
options for addressing mode, including postal address, e-mail address, phone number, and 
digital post office box. Depending on the mode chosen, a different set of fields 1 805 appear 
for entry of addressing information. Thus, this feature allows a sender to address a message to 
a recipient using any of these different types of addresses. 

Send button 1801 sends the message, while Save Draft button 1802 saves the message 
locally for later retrieval. Cancel button 1 803 cancels the letter composition process. 

Address Book Lookup button 1 806 provides access to the user's address book for 
selection of a recipient therefrom. 
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Directory Lookup burton 1 807 provides access to a public directory, such as may be 
consulted using the Lightweight Directory Access Protocol (LDAP) for selection of a message 
recipient therefrom. 

Check Recipient / Address Wizard button 1 808 provides access to an address 
5 correction wizard that checks the validity of an entered postal address, and suggests close 
alternatives if the entered address is not found. Remove Recipient button 1 809 removes the 
specified recipient, while Add Recipient button 1810 adds the specified recipient. 

Subject field 1811 and body field 1812 permit entry of subject and body of the 
message, in a conventional manner. Additional options 1813 such as a signature may also be 
10 provided. Attachments 1 814 to the message may also be specified. 

Referring now to FIGS. 19 through 23, there is shown a series of screen shots for 
greeting card composition according to one embodiment of the present invention, which is one 
way to facilitate the sender initiated account creation process, such as illustrated in Fig. 9. 
Additional details of the structure of the greeting card are discussed below with respect to Fig. 
15 5. 

In one embodiment, the screens shown in these figures are presented in succession to 
the user, to effect composition and transmission of a greeting card in accordance with the 
user's specifications. 

FIG. 19 is a screen shot of a greeting card composition screen 1900 showing greeting 
20 card type selection, according to one embodiment of the present invention. The user selects 
among various greeting card types 1 901 as presented in screen 1900. FIG. 20 is a screen shot 
of a greeting card composition screen 2000 showing greeting card selection, according to one 
embodiment of the present invention. The user selects among several greeting cards 2001 as 
displayed on screen 2000. Previews of the displayed cards 2001 are also available. Once a 
25 card has been selected, a greeting card composition screen 2100 such as shown in FIG. 21 is 
displayed, showing message input, according to one embodiment of the present invention. 
The user is presented with a preview 2101 of the card, and can enter personalized messages 
and salutations in fields 2102 and 21 03. Buttons 2104 allow a user to proceed with 
addressing, previews, or postponing transmission of the card. 
30 FIG. 22 is a screen shot of a greeting card composition screen 2200 showing greeting 

card addressing, according to one embodiment of the present invention. Fields 2201 allow 
entry of the recipient's postal address. Buttons 2202 allow the user to proceed with selecting a 
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gift certificate for the card, or postponing transmission, or looking up an address for the 
recipient. 

In one embodiment, the user may select a gift certificate to be included with the card. 
FIG. 23 is a screen shot of a greeting card composition screen 2300 showing gift certificate 
selection , according to one embodiment of the present invention. The user can select from a 
number of gift certificates 2301, which may be coupons for various merchants. Depending on 
the user's selection, the recipient's card includes a gift certificate for a particular merchant. 
Previews and additional information concerning gift certificates 2301 can be obtained by 
clicking on appropriate buttons in screen 2300. 

This feature allows a sender who may be personally known to the recipient to directly 
select and send a gift certificate for a vendor. The sender benefits by this process by being 
able to send a free , high quality greeting card, created online, but addressed by postal address; 
the vendor benefits by having a gift certificate targeted to the recipient, benefiting from the 
sender's judgment about the interests of the recipient; and the recipient benefits from 
receiving the greeting card and the gift certificate. 

Once the user has made the selections in FIGS. 19 through 23, a personalized greeting 
card is generated and sent to the recipient. This step also initiates pre-registration for the 
specified recipient. FIG. 24 shows a greeting card 2400 as delivered to the recipient, including 
a personalized message 2401, gift certificate 2402, and registration code 2403, according to 
one embodiment of the present invention. Also provided is a unique identifier 2404 for 
signing onto the system. The recipient can thus become authenticated by virtue of the fact that 
he or she has received a piece of physical mail at the specified address, when he or she then 
signs on to the system and provides registration code 2403. Incentives for such sign-on may 
be provided, such as for example allowing the recipient to compose and send a number of 
greeting cards to other recipients, upon sign-on. 

Referring now to FIG. 25, there is shown a screen shot of an add contact screen 2500 
according to one embodiment of the present invention. The user provides required 
information 2501 as well as additional information 2502 for the new contact, who is then 
entered in the user's local database. Okay button 2503 confirms the information. In one 
embodiment, addition of a contact using screen 2500 may initiate pre-registration for the 
contact, subject to authentication. Thus, this feature allows the action of adding a contact to 
one's address book to initiate pre-registration of another user. In contrast, conventional online 
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address books merely store contact information; creation of a new contact does not create an 
email or similar account for the contact in any electronic communication system. 

Referring now to FIG. 26, there is shown a screen shot of an options screen 2600 
according to one embodiment of the present invention. Various administrative options 2601 
5 are provided for interacting with the system of the present invention, including for example: 



15 2700 according to one embodiment of the present invention. When the user enters an 

unrecognized address in fields 2701 (in this example during entry of their postal information) 
the address correction wizard provides a list of closely matching addresses 2702. The user can 
then select from the displayed list. In this manner, physical addresses can be verified before 
messages are sent, even if the user does not remember the exact address. This same feature of 

20 the address correction wizard is available any time a user provides a postal address into the 
system (e.g. account registration, addressing a message by postal address, addressing a 
greeting card, etc. by postal address, and so forth). 

Referring now to FIG. 28, there is shown a conceptual diagram showing a comparison 
2800 of digital mail 2802 of the present invention with conventional postal mail 2801 and 

25 conventional e-mail 2803. As portrayed in FIG. 28, digital mail 2802 as implemented by the 
present invention provides the advantages of postal mail 2801 (trusted system, familiar, and 
verified addresses), while avoiding the disadvantages of postal mail 2801 (slow, inconsistent, 
and expensive). In addition, digital mail 2802 as implemented by the present invention 
provides the advantages of e-mail 2803 (fast, inexpensive, and efficient), while avoiding the 

30 disadvantages of e-mail 2803 (insecure, spam-ridden, and unverifiable). 



10 



• Editing a personal profile; 

• Editing default settings and preferences; 

• Changing passwords; 

• Configuring automated forwarding and notification options; 

• Specifying filtering and blocking options; 

• Configuring retrieval of POP e-mail from various accounts; 

• Creating a personal signature, and optionally a digital signature; and 

• Configuring automatic reply to incoming messages. 

Referring now to FIG. 27, there is shown a screen shot of an address verification screen 



Business models for customer acquisition 
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Yet another aspect of this invention are the specific methods that can be used to acquire 
users. Potential users can be first contacted by either physical delivery, existing email 
systems, or through the world-wide-web internet. 

1) Contact through internet access to the Digital Mail Network website 
5 Potential users will be able to click on hyperlinks at a variety of other partner 

companies' websites that will direct their browser to initiate a session with the Digital Mail 
Network. In particular, at such an initial session, a potential new user will both have the 
opportunity to activate a Digital Mail Account, to send Digital Mail, and to use marketing 
promotions such as the sending of free greeting cards via the Digital Mail Network. 
10 2) Contact through branded links from other portals allowing those portals to offer the 

services available within the Digital Mail Network 

In particular, the services of "anonymous DmaiP', recipient queries, and free greeting 
cards could be provided through links at other portals that maintained their branding. 
3) Contact through physical mail delivery 
15 As discussed in previous paragraphs, authentication is the process of verifying that a 

particular Dmail user has a particular physical street address. Verification is accomplished by 
having the recipient respond to the Digital Mail server with a code printed on a piece of 
physical mail received. There are various methods to generate physical mail addresses to 
which to address postal mail containing authorization codes: 

a) In response to the recipient requesting registration through the web-browser 
interface or by a request to the postmaster of the Digital Mail server. Users would be 
motivated to request registration as a result of direct marketing, or due to hearing radio or 
seeing print advertisements. 

b) By "piggybacking" a printed code on some other piece of mail that the recipient 
would be receiving anyway. Examples of this method would be having the Digital Mail server 
initiate business agreements with senders of merchandise catalogs, other mass mailings, or 
specifically with bill sending agencies such as credit card issuers. Codes printed on these 
materials would allow the quickcode method of immediate authentication without the Digital 
Mail PostOffice needed to send any additional postal mail for physical delivery. 

c) In response to some other sender addressing Dmail to a new recipient. In order to 
encourage this method, the Digital Mail server creates the concept of advertisement-supported 
greeting cards, that users can address to friends, acquaintances, and associates. 
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Specifically for the third method above, free-to-the-sender greeting cards are a 
combination of both Dmail and a physical printed postal mail card, containing any 
combination of: 

• Personal message from sender; the sender is preferably personally known to the 

5 recipient, and thus the recipient is more inclined to read the card, instead of merely 

throwing it away as junk mail. 

• A tip, such as a recipe or "how-to" tidbit (including branding of specific items or 
ingredients) 

• Coupon for the branded item 
10 • Coupon for a related item 

• A xxxx.com Identification card, with a Dmail account registration code. 

A preferred embodiment of the combination postal greeting and Dmail registration card 
is shown in Fig 5. The card has four panels created by three crease-line folds 513. The 
structure of this greeting card is preferably applied to the greeting cards generated by the 
15 process described with Figs. 1 9-23. 

The preferred structure of a greeting card is as follows: 

Panel 501 contains a "tip", or some other information that would be meaningful to the 
recipient, and which the recipient would find interesting to keep. 

Panel 502 contains a personal message from the sender. An additional enticing 
20 principle is that this message is only partially exposed when panel 503 remains folded over the 
second crease-line 513, and therefore requires this panel 503 be opened before the personal 
message on panel 502 is fully visible. 

Panel 503 contains a coupon, gift certificate, or collection of such items. 
Panel 504 contains a detachable registration card, with a Dmail account number and a 
25 quick code for entry by the recipient in the manners described above.. 

The placement of the digital mailbox account number and quick code on panel 504 is 
also desirable. This is because its folded location prevents it from being seen before the card is 
fully opened. Since it is a violation of law for other than then addressed recipient to open the 
card, there is a high degree of certainty that only the intended recipient views the code, and 
30 subsequently provides it back to the system 100 to authenticate their address and identity. 

The structure of this type of greeting card also facilitates particular methods of forming 
such cards including receiving a personal message and recipient postal address from a sender, 
receiving the sender's selection of a coupon or promotion of an advertiser, printing the 
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sender's messages and selected coupons/promotions onto a physical mail piece, and delivering 
the mail piece to the recipient. For the purpose of authenticating the postal address of the 
recipient, the method further includes printing an authentication code on the mail piece, 
receiving the authentication code in a computer system, and verifying the authentication code. 
5 The method may further include printing and folding sealing the mail piece to at least partially 
obscure the coupon and/or authentication code, so as to require the mail piece to be unfolded 
completely to reveal the coupon and/or code. The method may further include printing and 
folding the mail piece to partially obscure the sender's message, so as to require the recipient 
to unfold the mail piece to read the entire sender message. 
10 4) Contact through Email 

Messages sent out over ordinary email systems may also be used to encourage a 
potential user to activate a Digital Mail account by accessing the Digital Mail Networks 
website. In particular, a method is to send email through one of the many "opt-in" services that 
has a mislabeled sender and a message body that makes a potential user realize the potential 
15 advantages of authenticated Digital Mail. An example of such an email message is: 
FROM: Tom Friend 

TO: Joe User 

SUBJECT: A new development in communications! 



Joe, 

Wouldn't you love to be able to trust who an email is really from? 

Yours, 
Tom 

If you hate spam, don't go postal, go postoffice.com 
Don't Lick, just Click postoffice.com Digital Mail 



Revenue Sources for the Digital Mail PostOffice 

30 Digital Postage paid by the sender 

In particular, a new concept is that the price paid for a message depends on the 
addressing mode used for that message. Each addressing mode can have a different price based 
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on the amount of resources necessary for handling the message, the value to the sender, and 
the degree to which it is strategic to encourage particular addressing modes. For example, 
addressing using the Digital P.O. Box number is priced very low, to encourage the widespread 
use and distribution of Digital P.O. Box numbers, which only the Digital Mail Network can 
5 deliver. 

Further, the price paid for a message depends on the category it is to be displayed in, 
and the position (priority) within that category. An additional new concept is that the price can 
change based upon the sender's choice of category, with no change to the contents of the 
message itself. 

10 Fees for additional services requested by the sender 

These potential fees include amounts for all of the options available in the section 
above entitled "Services on sent messages, taking effect at the Receiver". 
In particular, fees can provide revenue for: 

a. Sending with a return-receipt requested for delivery of envelope to recipient. 
15 b. Sending with a return-receipt requested for delivery of letter contents to recipient. 

c. Sending "priority mail" that appears in a premium category, such as the priority 
category or the "first class" business instead of "standard class". 

d. Sending "express mail" that will stay at the top of a time-sorted list until it is read, 
even if newer messages arrive subsequently. 

20 e. Requiring that the receiver supply an additional password or response to a question 

challenge before being able to read the message. 

f. Alerting the recipient of incoming Dmail by additional notification methods: 

i. Physical Delivery 

ii. Email 

25 iii. Facsimile 

iv. Automated Telephone 

v. Human-operator Telephone 
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Fees for query services 

These fees would apply to requests about potential recipients, even if Dmail isn't 
actually sent. The fees are levied for all of the types of information described in the above 
section entitled "Services available before (or in contemplation of) sending": 



• Whether the recipient has authenticated the Dmail account 

• How long the Dmail account has been open 

• How long the Dmail account has been at its present physical postal address 

• The monthly volume of mail received by the intended recipient in the sender's intended 



• The last date Dmail was read from the account 

• Whether the recipient already has filters in place that would block the viewing of the 
intended message. 

• Preferences of this account for advertisements of particular types and subjects. 
Fees for additional services requested by the receiver 

These potential fees apply when a recipient has specified to be alerted regarding 
incoming mail in particular categories. An additional new concept is the point that such fees 
can be levied only for mail in particular categories, where the categories are part of what the 
Digital Mail Network authenticates. The alert methods, each with a different price, are the 
same as can also be specified by the sender 

a) Physical Delivery 

b) Email 

c) Facsimile 

d) Automated Telephone 

e) Human-operator Telephone 



5 



Whether the recipient has an existing Dmail account 



10 



category. 
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Appendix A 

Example Web Site Organization for a Web Site Supporting Digital Mail Network 

1 . Web Site 

1 . Registration 

5 1. registration, asp 

1. POST 

1 . registration_process.asp 
2. registration. asp 
1. POST 

10 1 . registration_process. asp 

2. Login 

1 . login.asp 

3. Logout 

1 . logout.asp 
15 1. POST 

1 . logoutaction.asp 

4. Mailbox 

1. mail. asp 

1. POST 

20 1. mailaction.asp 

5. Compose Letter 

1 . compose, asp 
1. POST 

1 . compose action. asp 
25 6. Compose Greeting 

1 . greeting.asp, 
7. Addresses 

1 . Main Page Layout 
1 . Header 
30 1 . topsutff.asp 

1 . Logo 

2. User Postal Address 

3. User Email Address 

4. Advertisement 
35 2. Global Menu 



40 



45 



1. 


Mailbox 


2. 


Sent 


3. 


Trash 


4. 


Compose Letter 


5. 


Compose Greeting 


6. 


Addresses 


7. 


Folders 


8. 


Options 


9. 


Help 


Addresses Bar 


1. 


Address Book View 
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2. Alphabet Index 
4. Action Menu 

1 . Add Contact — link to add_address.asp 

2. Delete — call javascript and submit (addresses.asp) 
5 5. Sort Menu — all links call addresses.asp 

1 . Name 

1 . First 

2. Last 

2. Nickname 

10 3. Postal Address 

4. Email 

6. Entry 

1. Check Box 

2. Name — link to user profile (add adderss.asp) 
15 3. Nickname 

4. Postal Address 

5. Email — link to compose (compose.asp) 

6. Telephone number? 

7. Footer 

20 1 . Global menu 

2. Copyright 
2. Edit Page Layout 

1 . Required Information 
1 - First Name 

25 2. Last Name 

3. Email Address 

4. Digital Post # 

5. Postal Address 

2. Additional Information 
30 ] . Group associated 

2. Nickname 

3. Company 

4. Home Telephone 

5. Work Telephone 
35 6. Fax number 

7. Cell Number 

8. Pager Number 

9. Work URL 

10. Home URL 
40 11. Note 

12. Birthday 

13. Action Menu 

1 . Okay — call javascript and submit (addresses.asp) 

2. Cancel — call addresses.asp 
45 14. Footer 

1 . Global menu 

2. Copyright 

8. Folders 

1 . folders.asp 
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1. 


POST 






1 . folders action.asp 




2. 


folders confirm, asp 






1. POST 


5 




1 . folders_action.asp 




3. 


folders create.asp 






1 . P6ST 






1 . folders_action.asp 




4. 


folders_de1ete.asp 


10 




1. POST 






1 . folders_action.asp 




5. 


foldersrename.asp 






1. POST 






1 . folders_action.asp 


15 


9. Options 






1 . options.asp 




1. 


options_extemal.asp 




2. 


options_extemal_newmail. asp 




3. 


options filters.asp 


20 


4. 


options_forwarding. asp 




5. 


options_password.asp 




6. 


optionsJPreferences. asp 




7. 


options_profile.asp 




8. 


options_signature.asp 


25 


9. 


options_vacation.asp 



10. Help 
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rfc-822 format with extended header information 
1. X-PO-<n>-TYPE 
1. Dmail to 

1. EMAIL 

1 . X-PO-<n>-EMAIL 

2. POBOX 

1. X-PO-<n>-POBOX 

3. TELEPHONE 

1 . X-PO-<n>-(FROM/TO/CC/BCC)-FIRST 

2. X-PO-<n>-(FROM/TO/CC/BCC)-LAST 

3. X-PO-<n>-TELEPHONE 

4. ADDRESS 

1 . X-PO-<n>-(FROM/TO/CC/BCC)-FJRST 
1 . Mailing address name 

2. X-PO-<n>-(FROM/TO/CC/BCC)-LAST 
1 . Mailing address name 

3. X-PO-<n>-(FROM/TO/CC/BCC)-ADDRl 
1 . Mailing address street 1 

4. X-PO-<n>-(FROM/TO/CC/BCC)-ADDR2 
1 . Mailing address street 2 

5. X-PO-<n>-(FROM/TO/CC/BCC)-CITY 
1 . Mailing address city 

6. X-PO-<n>-(FROM/TO/CC/BCC)-STATE 
1 . Mailing address state 

7. X-PO-<n>-(FROM/TO/CC/BCC)-ZIP 
1 . Mailing zipcode 

2. X-PO-<n>-EMAIL 

3. X-PO-<n>-TELEPHONE 

4. X-PO-<n>-POBOX 

5. X-PO-<n>-(FROM/TO/CC/BCC)-FIRST 
1 . Mailing address name 

6. X-PO-<n>-(FROM/TO/CC/BCC)-LAST 
1 . Mailing address name 

7. X-PO-<n>-(FROM/TO/CC/BCC)-ADDRl 
1 . Mailing address street 1 

8. 1 X-PO-<n>-(FROM/TO/CC/BCC)-ADDR2 

1 . 0 Mailing address street 2 

9. X-PO-<n>-(FROM/TO/CC/BCC)-CITY 

1 . 0 Mailing address city 

10. X-PO-<n>-(FROM/TO/CC/BCC)-STATE 
1 . Mailing address state 

11. X-PO-<n>-(FROM/TO/CC/BCC)-ZIP 
1 . Mailing zipcode 

12. X-PO-SECTION 
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1 . Category to sort mail in recipient mailbox; Personal, Priority, Business 
Class, Consumer class, Email class. All un-categorized or 
unauthenticated dmail will be sent to Email class. 

13. X-PO-PRIORITY 

5 1 . Type of mail sent; priority, express, return-receipt envelope, return- 

receipt letter, sender authentication 

1 4. X-PO- AUTHENTICATION 

1. Level of authentication; email, credit card, telephone, postal, none. The 
client web will set this field since it is known at the time of mail 
10 creation, i.e. the mail will have an authentication level of the sender at 

the time the mail was created. 
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Appendix C: Example Schema of Digital Mail Account Database 

1 . Authenticated User (Regular User) 
1 . User Information fields 



5 



10 



1. 


poUsemame: 


user Jog in name 


2. 


poPassword: 


user password 


3. 


poStreet: 


user postal address 


4. 


poCity: 


user postal address city 


5. 


poState: 


user postal state 


6. 


poZip: 


user postal zip code 


7. 


poZip4: 


user postal zip code +4 


8. 


poTelephone 




9. 


poTelephoneAddressable flag whether to let other address you by 




phone number 




10. 


poEmail 


alternative email address 


11. 


poGUID 


its foreign key to the Authentication Pending 




directory 


12. 


poStatus 


user status: active, deleted 


Management fields 


1. 


poMailboxLocation mail server name 


2. 


poMailboxNumber 


16 digital mail box number 


3. 


poActivatedDate 


user activated time 


4. 


poLastVisitDate 


user last visiting date 


5. 


poMailVolume 


how many mail the user receives 


6. 


poAuthenticationMethodie: web, postal card, quick-code...., its an array,- 
the user can be authenticated by multiple methods 


7. 


poFoldlndex 


array of user folder index; ie: 01,02,99 


8. 


poFoldName 


work with poFoldlndex as an associative array: 




ie: 01~>Personal Folder 


Optional field 




1. 


poBirthday 




2. 


poAge 




3. 


poCareer 





4. poCompanyName 

5. poWorkPhone 

6. poAlias alias name for his receiver: mom, dad; it's an array. Odd field 
is alias name, even field is alias poMailboxNumber 

7. Other perferences: 

1 . poBuddyList: array of buddy poMailboxNumber, which will be 
move to friends folder 

2. other web browser preference setting: color, size of screen 

3. some import date information to give dmail notification: your 
birthday, anniversary,... 

2. Authentication Pending User (Account Activated, but not authenticated yet) 
1 Mandatory fields 

1 poGUID: GUID of temporary user 

2. poPassword password 

3. poStreet: user postal address 
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4. poCity: user postal address city 

5. poState: user postal state 

6. poZip: user postal zip code 

7. poZip4: user postal zip code +4 

5 8. poActivationMethod anticipated activation method, its an array 

9. poActivationDate is an array, multiple activation 

10. poActivationCount same address maybe activated multiple times 

1 1 . poActivator who activated this account, array 

12. poStatus a flag to tell if this accounted has been 
10 authenticated, or invalid (timeout) 
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Appendix D: Example organization for Digital Mail Storage Databases 



1. Individual Mail Storage 



Priority 
Financial 
First Class 
Standard Class 

<selected Consumer Mail Classes> 
<selected Broadcast Mail Classes> 
Email 

Trash 

Sent 

Drafts 

<personalfolders> 

2. Consumer Mail Storage for Businesses 
<category> (ie: Catalog) 

<sub-category> (ie: Sports) 

<business Digital Mailbox> 

Digital Direct Mail (displayed to consumers) 
Digital Business Reply Mail (reply from consumers) 
Priority 
Financial 
85 



Inbox 
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Personal 
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First Class 
Standard Class 
Email 

Trash 

Sent 

Drafts 

<business_folders> 

3. Broadcast Mail Storage for Organizations 
<category> (ie: Politics) 

<sub-category> (ie: California) 

individual Entity Digital Mailbox> 

Digital Direct Mail (displayed to individuals) 

Digital Reply Mail (reply from individuals) % 

Trash 

Sent 

Drafts 

<other_folders> 
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We claim: 

1 . A method of transmitting an electronic communication from a sender to a recipient, 
comprising: 

receiving from the sender the electronic communication including a postal address of 

the recipient and the recipient's name; 
determining from a combination of the recipient's and postal address an account in an 

electronic mail system associated with the recipient; and 
delivering the electronic communication to the account associated with the recipient. 

2. The method of claim 1, further comprising: 

verifying the recipient's postal address against a database of known addresses. 

3. A method of transmitting an electronic communication from a sender to a recipient, 
comprising: 

receiving from the sender the electronic communication including a telephone number 

of the recipient and the recipient's name; 
determining from a combination of the recipient's name and telephone number an 

account in an electronic mail system associated with the recipient; and 
delivering the electronic communication to the account associated with the recipient. 

4. A method of providing an electronic communications account in an electronic 
communication system, to allow a recipient to receive electronic communications without 
directly requesting the account, comprising: 

receiving a database of plurality of postal addresses, each postal address associated 

with at least one recipient; and 
for each of a plurality of the recipients, establishing an electronic communications 
account and associating the account with a unique combination of the postal 
address of the recipient and the recipient's name, prior to receiving any request by 
the recipient to establish the account. 

5. The method of claim 4, further comprising: 
assigning each account number a unique account number. 
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6. The method of claim 5, wherein the unique account number comprises 1 6 digits and 
is formatted when printed into four groups, each group including four digits. 

7. A method of providing an electronic communications account in an electronic 
communication system, to allow a recipient to receive electronic communications without 
directly requesting the account, comprising: 

establishing an electronic communications account for a recipient in association with a 

postal address of the recipient; 
receiving from a sender a request to transmit a message to the recipient, the request 

including the postal address of the recipient; 
generating an authentication code and associating the authentication code with the 

recipient's account; 

printing the message from the sender and the authentication code on a physical mail 
piece; and 

causing delivery of the physical mail piece to the recipient. 

8. The method of claim 7, further comprising: 

receiving from the recipient a code and information identifying the recipient; and 
responsive to the code received from the recipient matching the authentication code 
associated an electronic mail account of the recipient, authenticating the recipient 
as being associated with the postal address, and activating the account. 

9. A method of providing an electronic communications account in an electronic 
communication system, comprising: 

receiving from a user information identifying the user and a postal address of the user, 
establishing an electronic communications account in association with the postal 
address of the user; 

printing a mail piece including the postal address of the user and an authentication 

code, the authentication code associated with the account; 
causing delivery of the mail piece to the postal address of the user; 
receiving from the user a code and information identifying the user; 
responsive the code matching the authentication code, activating the account for the 

user. 
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10. A method of transmitting an electronic communication from a sender to a 
recipient, comprising: 

storing a database of electronic communications accounts, each account associated 
with a user name and a postal address; 
5 receiving from a sender a request to transmit an electronic communication to a 

recipient, the electronic communication addressed by including a postal address of 
the recipient and the recipient's name; 
responsive to the recipient's name and postal address not identically matching the user 
names and postal addresses for existing accounts in the database, selecting a user 
10 name and postal address that most closely matches the recipient's name and postal 

address; and 

transmitting the electronic communication from the sender to account associated with 
the selected user name and postal address. 

1 1 . A method of establishing an electronic communications account, for a recipient, 
15 comprising: 

storing a database of electronic communications accounts, each account associated 

with a postal address at least onfc user name; 
receiving from a sender a request to transmit an electronic communication to a 

recipient, the electronic communication addressed by including a postal address of 
20 the recipient and the recipient's name; 

responsive to the recipient's postal address matching a postal address of an existing 
account in the database and the recipient's name not matching a user name 
associated with the account: 

associating the recipient's name with the existing account; and 
25 sending an electronic communication to a user previously associated with 

the account to allow the user to either approve or disapprove association 
of the recipient with the user's account. 

12. A method of establishing an electronic communications account, for a recipient, 
comprising: 

30 storing a database of electronic communications accounts, each account associated 

with a postal address at least one registered user name; 
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receiving from a user a request to establish an electronic communication account, the 

request including a postal address of the user and the user's name; 
responsive to the user's postal address matching a postal address of an existing account 
in the database and the user's name not matching a registered user name associated 
5 with the account: 

associating the user's name with the existing account; and 

sending an electronic communication to the registered user previously 

associated with the account to allow the registered user to either approve 
or disapprove association of the user with the registered user's account. 

10 13. A method of establishing an electronic communications account, for a recipient, 

comprising: 

storing a database of electronic communications accounts, each account associated 

with a postal address at least one user name; 
receiving from a sender a request to transmit an electronic communication to a 
15 recipient, the electronic communication addressed by including a postal address of 

the recipient and the recipient's name; 
responsive to the recipient's postal address matching a postal address of an existing 
account in the database and the recipient's name partially matching a user name 
associated with the account: 
20 associating the recipient's name with the existing account; and 

sending an electronic communication to a user previously associated with 
the account to allow the user to confirm that the recipient's name also 
identifies the user. 

14. A method of establishing an electronic communications account, for a recipient, 
25 comprising: 

storing a database of electronic communications accounts, each account associated 

with a postal address at least one registered user name; 
receiving from a user a request to establish an electronic communication account, the 

request including a postal address of the user and the user's name; 



90 



JNSDOCID: <WO 0113576A2_1_> 



WO 01/13576 




PCT/US00/22321 



responsive to the user's postal address matching a postal address of an existing account 
in the database and the user's name partially matching a registered user name 
associated with the account- 
associating the user's name with the existing account; and 
sending an electronic communication to the registered user previously 
associated with the account to allow the registered user to confirm that 
the user name also identifies the registered user. 

15. A method of transmitting an electronic communication from a sender to a 
recipient, comprising: 

receiving from a sender an electronic communication addressed to a unique 

1 6 digit account number and a host domain; 
determining from the 16 digit account number an electronic 

communications account of a recipient; and 
storing the electronic communication in recipient's account. 

16. A method of updating a database of electronic communications accounts, 
comprising: 

storing a database of electronic communications accounts, each electronic 

communications account including a name of a registered user and a postal address 
of the registered user; 
monitoring a postal address change database for changes in postal addresses; 
responsive to a change in a first postal address to a second postal address: 

matching the first postal address to the postal address of an electronic 

communications account in the database; and 
updating the electronic communications account to include the second 
postal address. 

17. The method of claim 16, further comprising: 

sending an electronic communication to the registered user associated with the 

electronic communications account having the second postal address allowing the 
registered user to approve the change to the second postal address. 
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1 8. A method of charging for delivery of an electronic communication, comprising: 
receiving an electronic communication from a sender; 
determining an addressing mode selected by the sender; and 
establishing a price for delivering the electronic communication according to the 
5 addressing mode selected by the sender. 

19. The method of claim 18, wherein the addressing mode is selected from a group 
consisting of: 

a postal address of the recipient; 
an email address of the recipient; 
10 a telephone number of the recipient; and 

an account number of an electronic communications account of the recipient. 

20. A method of providing a mailbox containing electronic communications, the 
method, comprising: 

receiving a plurality of electronic communications for a recipient, each electronic 
15 communication received from a sender being of a known type of sender; and 

displaying the plurality of electronic communications in a plurality of visually distinct 

groupings, each grouping containing electronic communications from one type of 

sender. 

2 1 . The method of claim 20, wherein the types of senders include: 
20 personal senders; 

business class senders; and 
catalog senders. 

22. A method of providing a mailbox containing electronic communications, the 
method, comprising: 

25 receiving an electronic communication from a sender addressed to a recipient, the 

electronic communication designated by the sender as a priority communication; 
displaying a mailbox of the recipient including a plurality of other electronic 
communications; 
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sorting the electronic communications in the mailbox according to a date to form a 

sorted list of electronic communications in the mailbox; and 
displaying the electronic communication from the sender at a top of the sorted list 
regardless of its date. 

5 23. The method of claim 22, further comprising: 

maintaining the electronic communication from the sender at the top of the list of 
sorted electronic communication until the recipient reads the electronic 
communication. 

24. A method of delivering electronic communications to an electronic 
communications application of a recipient to cause a desired organization of the electronic 
communications in the electronic communication application, the method comprising: 

receiving an electronic communication from a sender addressed to a recipient, the 
sender having a type, and the electronic communication having a current date; 
responsive to the type of the sender, changing the date of the electronic communication 
to a past date, the past date selected from a date range associated with each type of 
sender; and 

delivering the electronic communication to the electronic communication application 
of the recipient. 

25. A mail piece for delivery from a sender to a recipient who personally knows the 
20 sender, the mail piece comprising: 

a personal message from a sender to a recipient; and 

a promotional item from an advertiser and selected by the sender. 

26. The mail piece of claim 25, further comprising: 

25 a first panel containing the personal message printed on a first side; and 

a second panel to the first panel and containing the promotional item printed on a same 
side as the first side, the second panel folded over the first panel to partially 
obscure and partial reveal the personal message. 
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27. The mail piece of claim 25, further comprising: 

an authentication code uniquely associated with a postal address of the recipient and an 
electronic communications account of the recipient. 

28. The mail piece of claim 27, further comprising: 
a first panel containing the personal message printed on a first side; 
a second panel to the first panel and containing the promotional item printed on a same 

side as the first side; and 
a third panel containing the authentication code and printed on a same side as the first 
side, the third panel folded onto the first panel to completely obscure the 
authentication code, so as to require the third panel to unfolded to reveal the 
authentication code. 

29. A method of creating and forming electronic communications, the method 
comprising: 

receiving an electronic communication from a sender and intended for delivery to 
15 plurality of recipients; 

providing to each intended recipient an indication of the availability of the electronic 

communication from the sender; and 
responsive to an intended recipient attempting to read the electronic communication 
personalizing the electronic communication using information related to the 
20 recipient and providing the personalized electronic communication to the recipient 

for reading. 

30. A mail transfer protocol, comprising: 

a first requirement that every sender of an electronic communication have a digital 
certificate which authenticates the sender; 
25 a second requirement that every host machine from which an electronic communication 

is sent have a digital certificate; and 
a third requirement that every program from which an electronic communication is sent 
have a digital certificate. 

31. A system for providing authenticated electronic communications, comprising: 
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program code that authenticates each electronic communication sent by a sender by 
attaching a digital certificate to the electronic communication; and 

program code the receives an electronic communication and determines whether the 
electronic communication includes a digital certificate, and responsive to the digital 
5 certificate, authenticates the sender; and 

program code that displays each received electronic communication and an indication 
of whether the electronic communication is authenticated. 
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Figure 1: Digital Mail Network (100) Overview 
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Figure 2: Digital Mail PostOffice Data Center (107) Detail 
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Figure 3: Remote (at the Digital Mail PostOffice) Entity Server (210) Detail 



DMTP 



03 ' 
~~ 
a» • 




z: 

~i 




<- 

3.; 
c . 




5t* 

5i 


0MTP_ 


at < 




SI 


DMTP 


e> ' 
o* < 




cu 




or- 




•a '. 
c - 




?R 
5^ 




<» 

3: 






Digital Mail Email Server (EMS) 



SMTP/POP 



Digital Mail Dmaii Server (DS) 




0113576A2 I > 



WO 01/13576 PCT/US00/22321 

4/27 



Figure 4: Local (personal PostOffice software) Entity Server (200) Detail 
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Figure 5: Entity Client (300) Detail 
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Figure 6: Greeting Card Detail 
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John Smith 

1224 Sand HiO Rd 
Pato Afto CA B5001 US 

John.Smith@postofRce.com 



Mailbox Sent Trash Compose 

Letter 



DQStOffttBXOBl^ 



Compose 
Greetina 



From: 

\no\ 

Subject: 

Date: 

Hi John: 




Joe Venture Add to AddressBoofc Add to Block Urt 
343 Capital Way 
Boston MA , 02343 



While in San Jose „. ~ 1702: 

Wed, 28 Jul 1399 02.-04:41 -0800 : ^ 0 j 



t»B coming to San Jose next week and bringing 
my golf club a . So make ua a reservation at 
Pebble Beach ... : ) 

Joe 



r 



((Move to Selected Folder) 



Mailbox Sent Trash 



Compose 
Letter 



Compose 
Greeting 




Search your Mail: 

Consumer Mail Folders: 

Air Tickets | Music [ Downloads | Entertainment | Games | Yellow Pages 
Headlines { Sporting Goods | Videos | Weather | Books | Other Folders... 
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postoffkexotn^ 



Mailbox 



Trash 



Compose 
Letter 



Compose 
Greeting 




\fov Com P ose Letter 





ISO? 



PostOffice.com Business Plan 



gitaf POBOX 3 

flddtsa Bflofc Lookup — fg ou 
Plmam Lookup ~— /yo*7 

Check RgrtplfMtt { A^TlPTPS Wfrarrf-^ |?Of 

ftenrev* Recipient — -/gc^ 
Add Fecipiem 



Dear Joe, 

we're funding a startup called PostOffice.com that 
allows you to send email to a postal address 
(they call it Digital Mail) . 

We've taken the lead and I thought you might want 
to join in on follow on rounds. 

John 

PS. I've attached the business plan. 



■sen. 



3 wvs 




iSol 



/sco 
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Mailbox Sent Trash 



Compose 
Letter 



Compose 
Greeting 
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Folders Options Help 



Compose Greeting Card : Step 1 
; Holidays. 



Select Greeting Type 



aoril fools day 
arbor dav 
boss dav 
Christmas 
earth dav 

easter 
fathers dav 
flag dav 
fourth of july 
friendship day 



hanukkah 

mothers dav 
new year 
oassovcr 
rosh hashanah 
secretaries dav 
St patricks day 
sweetest day 
tax dav 



l great amcncan smoiceogt 

groundhog dav 
j halloween 


tnanks giving 
valentines dav 


Other Occasions 


J birth dav 
I friendship 
! love 
j thank vou 
| wedding 

workplace 
| apology 

mod luck 

graduation | 


congratulations 
" wedding 
sympathy 
friendship 
bachelorfette^ i 
welcome i 
engagement j 
new babv 
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lailbox I Sent Trash Compose 

Letter 



POStOffkBMHB- 



Compose 
Greeting 



Addresses Folders Options. Help 



Compose Greeting Card : Step 2 : Select Greeting Card 



An n iv ersary 

Apology 

Encouragement 

Birthday 
Good Luck 

Grad uati on 

Congratulations 

Weddlno 

Sympathy 

Friendship 

Bacheforfette^ 

Spgpqgmem 

New Baby 
Stank C^rds 
TTi^nk You 
SgLWfiQ 
New Home 

bqp voyage 

More.., 




r Zoo\ 



Zoc> 1 



1 



r<6. to 
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Mailbox 


Sent 


Trash 


Compose . 
Letter 



Compose 
Greeting . 



postoffke.com ^ 

at 



Compose Greeting Card : Step 3 : Write Card Messsage 

: 5 Choose another design if vou don't like this one... 




2tot 



Personalize your card with a holiday greeting. Send warm wishes through the mail in 
time for the holidays. Or you can choose to see some of the suggested greetings by 
clicking the suggestion button at the bottom of the page. 

[Dear Joe Venture. 



I'm excited that the holidays are almost here and the greeting card agf 
idea has been a success. Hope you're enjoying the holidays with your 
family. 



- - - .._ _ M 

*Z-*°3 '•v^ jSincerery. John Smith 
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Sent 


Trash 


Compose 
Letter 


Compose ~* 
Greeting 


Addresses 


m m 




Help 


Compose Greeting Card : Step 4 : Address Greeting Card 




l\o\ 




Name of Receiver; 

Jjoe Venture 

Street Address 1: 

[4321 Sand Hi!) Rd 

Street Address 2: 



ZZo\ 



E 

City: 
jPatoAlto 



States Zip; 

JCA ]9socn 
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Compose Greeting Card : Step 5 : Select Gift Certificate 
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Best Wishes! 



gel Ibe energy- f m0 re rime on rest, re] 

resolve this year to spena 
1 . Deal? . . 



resolve ro» ■ 
and renewal Deal. Mtbebestt 

Jim 




>DOCID: <WO 01 1 3576A2J_> 



WO 01/13576 




PCT/US00/22321 



24/27 



PostOffioe.com - Digital Mailbox 

John Smith 

1234 Sand HWRd 
Palo AttO CA 95001 US 

John.Smith@postofRce.com 



posioffke.com 



Mailbox 


Sent 


Trash 


Compose 
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Folders 




IHES 




Caned 


Add Contact 




Required Information 



First N*m« 
: Namt 
Email 



Oty t S tat a » 
Zip 

lWm 
Company 
Home # 
Work a> 
Fax a 
Call m 
Pacar # 



Home URL 



Additional Information 



T~l — ~"~ 



Mailbox Sent Trash Compose 

Letter 



Compose 
Greeting 



O 1999 poaofTice.com. Inc. AH rights reserved. Terms of service Privacy Statement 



MSDOCID: <WO 0113576A2 I > 



WO 01/13576 



25/27 



PCT/US00/22321 



PostOffice.com - Digital Mailbox 

John Smith 

1134 Sand HID Rd 
Pak> Alto CA 9S001 US 

John.Smith@postoffice.com 



postoffke^om^ 



Mailbox 



Trash 



Compose 
Letter 




Options 



User profile Edit your persona! profile, including your name, alternate email, and other 
rWy^M information. 

Preferences Edit your PostOffice.com default settings, including your outgoing name, 
. ^ reply-to address, and message handling settings. 

Change Change the password you use to access your PostOffice.com account ov^r 
Password **** Internet. 

Forwarding Configure PostOffice.com to automatically forward or notify you of priority 
> and ""coming mail via email, mail, phone, beeper, or voicemaii. 

Notifications 

Fitters Filter your incoming messages and block mail from any address. 

External POP Configure PostOffice.com to retrieve POP email from all your different 
Email accounts through a single interface. 

Signature Create a personal signature, and optionally a Digital Signature, to add to 
; every outgoing mail. 

Vacation Reply to messages automatically when you are away. 
Message 



Mailbox 



Trash 



Compose 
Letter 



Compose 
Greeting 



I22QESIEB9I 



Search your Mail: [ 



Consumer Mail Folders: 

Air Tickets j Music | Downloads | Entertainment | Games | Yellow Paces 
Headlines I Sporting Goods | Videos [ Weather [ Books [ Other Folders... # 

O 1 999 postoffiC8.com, Inc. All fights reserved. Ternis of service Privacy Statement * 

2&oD 



FI6. 



IS DOC ID: <WO 0113576A2J_> 



WO 01/13576 



26/27 



PCT/US00/22321 




ostoffice.com 

D»«lUNrb!apaT n> 



: dftlonai Information for you* Accountf 
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patience during 
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r home address, for OMail Oeliuerry 



Home****** |ie99Lucap| _ 



sonjose 



your home 
Cty 



ca 



2Sp Code 



uide identity UF»rrfica1ion 



>r profile Ho help ui l:«tt*i 




lew our Terms ot Servic 



cftctdng CK to submt your re 
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*•* ttt Check to rate sure tl- 
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Dir 



HJCENA 
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UJCAYA 



s«f caty 
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SAN JUANCAPISTRANO 92693 



LUCAS V ALLEY RD 
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LUCAS 
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SAN RAFAEL 94903 

PL SAN JOSE 93138 

DR SANTA MARIA 93434 

AVE SAN PABLO 94801 

LUCAYA SAN JUAN CAPO 92692 
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LUCAS ST SAN FERNANDO 91340 
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LUCAS CT SAN JOSE 93148 

LUBY DR SAN JOSE 93133 

LUCAS DR SAN JOSE 93148 

T 1ir*k<Z TiP C4MT4 M49U QTIASA 



CA Pick It 
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CA 
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